CVE-2026-54007 | open-webui Open WebUI up to 0.9.5 Chat Message /api/v1/chats/new submitPrompt origin validation (GHSA-3vv5-8xxp-4f55)
A vulnerability has been found in open-webui Open WebUI up to 0.9.5 and classified as problematic. Affected is the function submitPrompt of the file /api/v1/chats/new of the component Chat Message Handler. Performing a manipulation results in origin validation error.
This vulnerability is identified as CVE-2026-54007. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.