
Open WebUI CVE-2026-28786

EUVD-2026-16480 · MEDIUM
Path Traversal (CWE-22)
Published 2026-03-27 · Source: security-advisories@github.com
CVSS 3.1 score 4.3 (GitHub Advisory)

Severity by source

GitHub Advisory (PRIMARY): 4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

4 events, in chronological order:

  • Mar 27, 2026 - 00:16 (nvd): CVE Published, rated MEDIUM 4.3
  • Mar 27, 2026 - 00:22 (euvd): EUVD ID Assigned, EUVD-2026-16480
  • Mar 27, 2026 - 00:22 (vuln.today): Analysis Generated
  • Mar 31, 2026 - 21:13 (nvd): Patch released (patch available)

Description (GitHub Advisory)

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message - including the server's absolute DATA_DIR path - is returned verbatim in the HTTP 400 response body, confirming information disclosure on all default deployments. Version 0.8.6 patches the issue.

Analysis (AI)

Open WebUI versions prior to 0.8.6 disclose the server's absolute DATA_DIR path to any authenticated non-admin user: the speech-to-text transcription endpoint uses the caller-supplied filename without sanitisation, and when the file cannot be opened the resulting FileNotFoundError message, which embeds the full path, is returned verbatim in the HTTP 400 response body. The disclosure affects all default deployments and requires only a regular user account to trigger. Note that although the record is classified as Path Traversal (CWE-22), the advisory text and the CVSS vector (Confidentiality Low, no Integrity or Availability impact) describe disclosure of a filesystem path string in an error message, not reading or writing of file contents; the practical value to an attacker is reconnaissance of the server's install layout for use in a later chain. …


Vulnerability Assessment (AI)

Risk Assessment The CVSS 4.3 score reflects Low Confidentiality impact (C:L), Low Attack Complexity (AC:L), Network Attack Vector (AV:N), and Low privilege requirements (PR:L); there is no Integrity or Availability impact, and no user interaction is needed. The information gained is the absolute DATA_DIR path, which on its own does not grant access to data but removes guesswork for any later attack that needs to know where the server stores its files. …
Exploit Scenario An authenticated non-admin user with access to Open WebUI's speech-to-text feature submits a filename that does not correspond to a stored upload (for example a name that does not exist, or one containing path separators or `..` components) to the transcription endpoint. The server attempts to open the file, the open fails, and the application returns a 400 Bad Request response whose body contains the FileNotFoundError message, including the absolute server path under DATA_DIR. …
Remediation Upgrade Open WebUI to version 0.8.6 or later, which patches the unsanitized filename field in the speech-to-text endpoint. After upgrading, confirm the fix by sending the transcription endpoint a non-existent filename from a non-admin account and checking that the 400 response no longer includes any absolute path. Until the upgrade is applied, assume the DATA_DIR path is known to every user who holds an account on the instance. …
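To make the bug class concrete, the following is an added example written for this page; it is not Open WebUI's own code and not the 0.8.6 patch. It models a minimal transcription handler that echoes the raw exception text to the client (leaking the absolute DATA_DIR path, as the advisory describes) beside a hardened version that confines the filename to one directory and returns a fixed error, plus a small regression check that flags absolute paths in a JSON response body. DATA_DIR, UPLOAD_DIR, the handler names and the fixture file are all assumptions made for the example.

```python
"""Added example: error-message path disclosure from an unsanitised filename.

Illustrative code for this page, not Open WebUI's implementation. Names such as
DATA_DIR, UPLOAD_DIR and transcribe_* are assumptions for the demo.
"""
import os
import re
import tempfile
from pathlib import Path

# Constructed data directory standing in for a real deployment's DATA_DIR;
# the vulnerable handler leaks exactly this value to the caller.
DATA_DIR = Path(tempfile.mkdtemp(prefix="openwebui-data-"))
UPLOAD_DIR = DATA_DIR / "uploads"
UPLOAD_DIR.mkdir()
(UPLOAD_DIR / "sample.wav").write_bytes(b"RIFF....WAVE")  # constructed fixture


def transcribe_vulnerable(filename: str) -> tuple[int, dict]:
    """Bug-class reproduction: the exception text is sent straight to the client.

    `filename` is joined under UPLOAD_DIR with no sanitisation; when the open
    fails, str(FileNotFoundError) carries the absolute path into the 400 body.
    """
    try:
        path = UPLOAD_DIR / filename
        with open(path, "rb") as fh:
            data = fh.read()
        return 200, {"text": f"<transcript of {len(data)} bytes>"}
    except Exception as exc:  # FileNotFoundError included
        return 400, {"detail": str(exc)}  # "[Errno 2] ... '/abs/DATA_DIR/uploads/...'"


def safe_upload_path(filename: str) -> Path:
    """Reduce the name to a basename and prove it still resolves under UPLOAD_DIR."""
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or name in {".", ".."}:
        raise ValueError("invalid filename")
    candidate = (UPLOAD_DIR / name).resolve()
    if UPLOAD_DIR.resolve() not in candidate.parents:
        raise ValueError("invalid filename")
    return candidate


def transcribe_hardened(filename: str) -> tuple[int, dict]:
    """Same endpoint with a confined path and a fixed, non-revealing error."""
    try:
        path = safe_upload_path(filename)
        with open(path, "rb") as fh:
            data = fh.read()
        return 200, {"text": f"<transcript of {len(data)} bytes>"}
    except (ValueError, OSError):
        # Log the real exception server-side; never echo it to the caller.
        return 400, {"detail": "Audio file not found or invalid filename"}


# POSIX absolute path with at least two components, or a Windows drive path.
_ABS_PATH = re.compile(r"(?:/[\w.\-]+){2,}|[A-Za-z]:\\(?:[\w.\-]+\\?)+")


def response_leaks_path(body: dict) -> bool:
    """Regression check: does any string value in the JSON body contain an absolute path?"""
    return any(isinstance(v, str) and _ABS_PATH.search(v) for v in body.values())


if __name__ == "__main__":
    for handler in (transcribe_vulnerable, transcribe_hardened):
        status, body = handler("does-not-exist.wav")
        print(handler.__name__, status, body, "LEAKS PATH" if response_leaks_path(body) else "clean")
```

Running the file shows the vulnerable handler answering 400 with the full DATA_DIR path inside `detail`, and the hardened handler answering 400 with the fixed string. The hardened variant also refuses `..` and separator-bearing names by reducing them to a basename and checking the resolved parent; the advisory itself only documents the error-message leak, so that extra check is defence in depth for this bug class rather than a fix for a claim the page makes. `response_leaks_path` is the kind of assertion worth adding to an integration test so the leak cannot silently return.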

Recommended Action (AI)

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …


CVE-2026-28786 vulnerability details – vuln.today
