Upgrade open-webui to version 0.9.0 or higher.
open-webui is an Open WebUI
Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere in the handling of Redis cache keys for tool_servers and terminal_servers when multiple instances share a Redis backend. An attacker can overwrite or inject malicious tool server or terminal server configurations across instances by leveraging admin access on one instance, causing users on another instance to unknowingly interact with attacker-controlled servers and potentially exposing sensitive data, OAuth tokens, and conversation context. This is only exploitable if multiple instances share a single Redis backend and the attacker has admin access on one of the instances.
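The key collision described above, shown as an added example that is not open-webui's code: two instances cache a tool_servers list on one shared backend, first with unscoped keys and then with a per-instance key namespace. The classes, the "instance-a"/"instance-b" prefixes, the in-memory Redis stand-in and the URLs are all assumptions constructed for illustration.

```python
# Added illustration; key layout and class names are hypothetical, not open-webui code.
import json


class FakeRedis:
    """In-memory stand-in for one Redis backend shared by several instances."""

    def __init__(self):
        self.store = {}

    def set(self, key, value):
        self.store[key] = value

    def get(self, key):
        return self.store.get(key)


class ServerConfigCache:
    """Caches tool/terminal server lists; `namespace` scopes keys to one instance."""

    def __init__(self, redis, namespace=None):
        self.redis = redis
        self.namespace = namespace

    def _key(self, name):
        # Without a namespace every instance on this backend resolves to the same key.
        return f"{self.namespace}:{name}" if self.namespace else name

    def save(self, name, servers):
        self.redis.set(self._key(name), json.dumps(servers))

    def load(self, name):
        raw = self.redis.get(self._key(name))
        return json.loads(raw) if raw is not None else []


def cross_instance_read(namespaced):
    """Return what instance B loads after instance A's admin saves its own config."""
    shared = FakeRedis()
    a = ServerConfigCache(shared, "instance-a" if namespaced else None)
    b = ServerConfigCache(shared, "instance-b" if namespaced else None)
    b.save("tool_servers", [{"url": "https://tools.b.example"}])  # constructed values
    a.save("tool_servers", [{"url": "https://tools.a.example"}])
    return b.load("tool_servers")


def unscoped_keys(redis, namespaces):
    """Audit helper: keys on the shared backend that carry no known instance prefix."""
    return sorted(k for k in redis.store
                  if not any(k.startswith(ns + ":") for ns in namespaces))
```

With unscoped keys instance B reads the list instance A wrote; with namespaced keys it reads its own. Giving each instance its own Redis backend removes the sharing precondition the advisory names.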