Cradicle Explorer
ai-llm-security-ai-infra-guard
/ data / vuln_en / open-webui / CVE-2025-63681.yaml
CVE-2025-63681.yaml
 1  info:
 2    name: open-webui
 3    cve: CVE-2025-63681
 4    summary: Open-webui is vulnerable to incorrect access control, allowing unauthorized task cancellation.
 5    details: |
 6      Open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API `/api/tasks/stop/` directly accesses and cancels tasks without verifying user ownership, enabling attackers (a normal user) to stop arbitrary LLM response tasks.
 7    cvss: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
 8    severity: LOW
 9    security_advise: |
10      1. Upgrade to a version greater than 0.6.33.
11      2. Implement proper access control checks for the `/api/tasks/stop/` endpoint to ensure only authorized users can cancel their own tasks.
12    references:
13      - https://nvd.nist.gov/vuln/detail/CVE-2025-63681
14      - https://github.com/TOAST-Research/pocs/blob/main/openwebui/arbitirary_task_stop/report.md
15      - https://github.com/open-webui/open-webui
16      - https://github.com/open-webui/open-webui/blob/46ae3f4f5d7d4d706041bdae4ad2d802e568712b/backend/open_webui/main.py#L1652
17  rule: version > "0" && version <= "0.6.33"