Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accepts password: str with no minimum length constraint, so an empty string passes validation. The subsequent Connection.bind() call succeeds on vulnerable LDAP servers, and the application issues a full session token for the target user. This vulnerability is fixed in 0.9.0.
Published: 2026-05-15
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Before version 0.9.0, the LDAP authentication endpoint in Open WebUI forwards the submitted password to an LDAP Simple Bind without first checking that it is non-empty: the LdapForm Pydantic model declares password: str with no minimum length, so an empty string passes validation. A Simple Bind that carries a non-empty DN and a zero-length password is the "unauthenticated" mechanism of RFC 4513 section 5.1.2; a directory that permits it answers with success while granting only an anonymous session. Open WebUI treats that success as proof of identity and issues a full session token for the targeted user. The weakness is classified as CWE-287 (Improper Authentication). On a deployment whose directory accepts unauthenticated binds, an attacker who knows nothing but a valid login name can sign in as that LDAP-backed account without its password.

Affected Systems

Open WebUI versions earlier than 0.9.0 are affected (vendor Open-webui, product open-webui in the page's product listing). Exposure requires LDAP authentication to be enabled, because the flaw lies in the LDAP login endpoint; whether the bypass actually succeeds also depends on the directory behind that endpoint accepting a Simple Bind with a DN and an empty password, which is what the description means by a vulnerable LDAP server.

Risk and Exploitability

The CVSS v3.1 score is 9.1 (vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N): reachable over the network, low attack complexity, no privileges or user interaction required, high confidentiality and integrity impact, no availability impact. The EPSS score is below 1% (very low) and the CVE is not in the CISA KEV catalog; neither figure reflects difficulty, since exploitation is a single HTTP request to the LDAP login endpoint carrying a known username and an empty password. On success the attacker holds a session token with that user's privileges, including any administrative role the account carries.

Generated by OpenCVE AI on May 15, 2026 at 21:22 UTC.

Remediation

Vendor fix: the issue is fixed in Open WebUI 0.9.0 (advisory GHSA-2r4p-jpmg-48f4). No separate vendor workaround is published; the recommended actions below cover interim mitigation.

OpenCVE Recommended Actions

  • Upgrade Open WebUI to version 0.9.0 or later.
  • If an upgrade cannot be performed immediately, disable the LDAP authentication endpoint in the web server or application configuration to prevent empty‐password submissions until the patch is applied.
  • Reject zero-length passwords (and zero-length usernames) before any bind call, at the application or at a reverse proxy in front of the endpoint, so an empty credential never reaches the LDAP server. Independently, configure the directory to refuse unauthenticated Simple Binds (RFC 4513 section 5.1.2 recommends answering them with unwillingToPerform): that server-side permissiveness is the condition the bypass relies on, and closing it protects every LDAP client of that directory, not just Open WebUI. Active Directory, among others, accepts such binds by default, so check rather than assume.
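The description and the recommended actions both turn on the same directory behaviour: a Simple Bind carrying a non-empty DN and a zero-length password is an RFC 4513 section 5.1.2 "unauthenticated" bind, which a permissive server answers with success while authenticating nothing. The following is an added example, not Open WebUI's code or its patch. It hand-encodes the LDAP BindRequest (RFC 4511 framing, standard library only) so an operator can probe their own directory for that behaviour, and it shows the application-side guard that refuses to forward an empty credential. The host, port and DNs are placeholders.

```python
"""Added example (not Open WebUI code): probe a directory for RFC 4513 s5.1.2
unauthenticated Simple Binds and show the guard that keeps an empty password
away from bind(). Host, port and DNs below are placeholders/assumptions."""
import socket

LDAP_SUCCESS = 0
LDAP_INVALID_CREDENTIALS = 49
LDAP_UNWILLING_TO_PERFORM = 53


def _ber_len(n: int) -> bytes:
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _ber_int(n: int) -> bytes:
    """Contents octets of a non-negative INTEGER (leading 0x00 if top bit set)."""
    return n.to_bytes(n.bit_length() // 8 + 1, "big")


def _tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _ber_len(len(body)) + body


def build_simple_bind(msg_id: int, dn: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest [APPLICATION 0] { version 3, name,
    simple [0] password } }.  An empty `password` yields the RFC 4513 s5.1.2
    unauthenticated bind that the advisory's bypass depends on."""
    bind_request = _tlv(0x60, _tlv(0x02, _ber_int(3))
                        + _tlv(0x04, dn.encode())
                        + _tlv(0x80, password.encode()))
    return _tlv(0x30, _tlv(0x02, _ber_int(msg_id)) + bind_request)


def _frame_length(buf: bytes) -> int:
    """Total byte length of the outer TLV, or -1 if its header is incomplete."""
    if len(buf) < 2:
        return -1
    first = buf[1]
    if first & 0x80:
        n = first & 0x7F
        if len(buf) < 2 + n:
            return -1
        return 2 + n + int.from_bytes(buf[2:2 + n], "big")
    return 2 + first


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, contents, next_pos) for the TLV starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first & 0x80:
        n = first & 0x7F
        length, start = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), pos + 2 + n
    else:
        length, start = first, pos + 2
    return tag, buf[start:start + length], start + length


def parse_bind_response(data: bytes) -> dict:
    """Decode LDAPMessage { messageID, BindResponse [APPLICATION 1]
    { resultCode, matchedDN, diagnosticMessage } }."""
    tag, msg, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, mid, pos = _read_tlv(msg, 0)
    tag, op, _ = _read_tlv(msg, pos)
    if tag != 0x61:
        raise ValueError("not a BindResponse (tag 0x%02x)" % tag)
    _, rc, pos = _read_tlv(op, 0)
    _, matched, pos = _read_tlv(op, pos)
    _, diag, _ = _read_tlv(op, pos)
    return {"msg_id": int.from_bytes(mid, "big"),
            "result_code": int.from_bytes(rc, "big"),
            "matched_dn": matched.decode(errors="replace"),
            "diagnostic": diag.decode(errors="replace")}


def accepts_unauthenticated_bind(result_code: int) -> bool:
    """Success for DN + empty password means the server granted an anonymous
    session that a naive client mistakes for a verified login."""
    return result_code == LDAP_SUCCESS


def probe_unauthenticated_bind(host: str, port: int, dn: str, timeout: float = 5.0) -> dict:
    """Network probe: send a Simple Bind for `dn` with an empty password and
    return the decoded BindResponse. Reads until one complete frame arrives."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_simple_bind(1, dn, ""))
        data = b""
        while _frame_length(data) < 0 or len(data) < _frame_length(data):
            chunk = sock.recv(4096)
            if not chunk:
                raise ConnectionError("connection closed before a full BindResponse")
            data += chunk
    return parse_bind_response(data)


def should_reject_bind(username: str, password: str) -> bool:
    """Application-side guard illustrating the class of fix: never forward a
    zero-length password (unauthenticated bind) or a zero-length name
    (anonymous bind) to the directory. Illustrative, not the project's patch."""
    return len(username) == 0 or len(password) == 0


if __name__ == "__main__":
    import sys
    if len(sys.argv) != 4:
        sys.exit("usage: probe.py HOST PORT 'cn=someone,dc=example,dc=com'")
    reply = probe_unauthenticated_bind(sys.argv[1], int(sys.argv[2]), sys.argv[3])
    verdict = "ACCEPTS" if accepts_unauthenticated_bind(reply["result_code"]) else "refuses"
    print("%s unauthenticated bind (resultCode %d, %r)" % (verdict, reply["result_code"], reply["diagnostic"]))
```

Run the module against the directory an Open WebUI instance binds to, using the DN of a real user; a resultCode of 0 means that directory makes the pre-0.9.0 endpoint exploitable, while 53 (unwillingToPerform) or 49 (invalidCredentials) means it refuses the unauthenticated mechanism. The guard is the other half: whichever answer the directory gives, the application should never let the bind happen with an empty credential.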

Advisories
Source        ID                    Title
GitHub GHSA   GHSA-2r4p-jpmg-48f4   Open WebUI has an LDAP Empty Password Authentication Bypass
History

Fri, 15 May 2026 21:45:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Open-webui; Open-webui open-webui
Vendors & Products                     Open-webui; Open-webui open-webui

Fri, 15 May 2026 20:15:00 +0000

Type          Values Removed   Values Added
Description                    (the Description text shown at the top of this page)
Title                          Open WebUI: LDAP Empty Password Authentication Bypass
Weaknesses                     CWE-287
References
Metrics                        cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}


MITRE
  Status: PUBLISHED
  Assigner: GitHub_M
  Published:
  Updated: 2026-05-15T19:59:35.011Z
  Reserved: 2026-05-06T20:59:00.594Z
  Link: CVE-2026-44551

Vulnrichment
  No data.

NVD
  Status: Received
  Published: 2026-05-15T20:16:46.437
  Modified: 2026-05-15T20:16:46.437
  Link: CVE-2026-44551

Redhat
  No data.

OpenCVE Enrichment
  Updated: 2026-05-15T21:30:08Z

Weaknesses