Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-29446

open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection.

Published

2025-04-21T17:15:23.883

Last Modified

2025-05-28T15:49:36.563

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Secondary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	openwebui	open_webui	0.5.16	Yes

References

https://github.com/jcxj/jcxj/blob/master/source/_posts/open-webui-ssrf%E6%BC%8F%E6%B4%9E.md Broken Link ([email protected])
https://github.com/l1uyi/cve-list/blob/main/cve-list/open-webui-ssrf.md Exploit, Third Party Advisory ([email protected])