npm
open-webui
6 known vulnerabilities · 0 critical · 2 high
Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events
Published Nov 7, 2025
Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE
Published Nov 7, 2025
GHSA-5ccf-884p-4jjq
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability
Published Mar 20, 2025
Check your entire dependency tree at onceRun dependency scan →