Cyber Posture

CVE-2026-45395

High

Published: 15 May 2026

Published
15 May 2026
Modified
15 May 2026
KEV Added
Patch
CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0006 18.6th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-45395 is a high-severity Improper Privilege Management (CWE-269) vulnerability. Its CVSS base score is 7.2 (High).

Operationally, ranked at the 18.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other AI Platforms.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

AC-1 Policy and Procedures
addresses: CWE-269 CWE-862

Policy addresses roles, responsibilities, and privilege management to prevent improper privilege assignments.

AC-13 Supervision and Review — Access Control
addresses: CWE-269 CWE-862

Access supervision ensures privileges are assigned and managed without improper escalation or retention.

AC-2 Account Management
addresses: CWE-269 CWE-862

Assigning group/role memberships and access authorizations (privileges) while reviewing accounts addresses improper privilege management.

AC-25 Reference Monitor
addresses: CWE-862 CWE-269

Always invoking the reference monitor prevents missing authorization checks for protected resources.

CA-4 Security Certification
addresses: CWE-862 CWE-269

Requires verification that authorization checks are present and operational for protected resources.

CA-9 Internal System Connections
addresses: CWE-862 CWE-269

Requiring explicit authorization for each internal connection prevents missing authorization.

CM-5 Access Restrictions for Change
addresses: CWE-269 CWE-862

Restricting who can perform changes helps ensure privileges are managed properly rather than assigned broadly.

MA-5 Maintenance Personnel
addresses: CWE-269 CWE-862

Manages privileges by authorizing only approved personnel and supervising those lacking required authorizations for maintenance.

NVD Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint (POST /api/v1/tools/id/{id}/update) is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user…

more

who has been explicitly denied tool management capabilities ( and who the administrator considers untrusted for code execution ) to replace a tool's server-side Python content and trigger execution, bypassing the intended workspace.tools security boundary. This vulnerability is fixed in 0.9.5.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
CWE-269CWE-862

AI Security AnalysisAI

AI Category
Other AI Platforms
Risk Domain
N/A
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: artificial intelligence

References