{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-59224","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2026-07-02T21:05:02.925Z","datePublished":"2026-07-09T17:09:31.980Z","dateUpdated":"2026-07-10T03:55:48.312Z"},"containers":{"cna":{"title":"Open WebUI: Terminal proxy forwards a spoofable, integrity-unbound user identity to the upstream (X-User-Id header and ws_terminal session_id query injection)","problemTypes":[{"descriptions":[{"cweId":"CWE-287","lang":"en","description":"CWE-287: Improper Authentication","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-290","lang":"en","description":"CWE-290: Authentication Bypass by Spoofing","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}}],"references":[{"name":"https://github.com/open-webui/open-webui/security/advisories/GHSA-j657-m4c4-24jq","tags":["x_refsource_CONFIRM"],"url":"https://github.com/open-webui/open-webui/security/advisories/GHSA-j657-m4c4-24jq"},{"name":"https://github.com/open-webui/open-webui/pull/26042","tags":["x_refsource_MISC"],"url":"https://github.com/open-webui/open-webui/pull/26042"},{"name":"https://github.com/open-webui/open-webui/commit/5f3a628a8d291bb5d33e1a0b0c89fb62a2927934","tags":["x_refsource_MISC"],"url":"https://github.com/open-webui/open-webui/commit/5f3a628a8d291bb5d33e1a0b0c89fb62a2927934"},{"name":"https://github.com/open-webui/open-webui/releases/tag/v0.10.0","tags":["x_refsource_MISC"],"url":"https://github.com/open-webui/open-webui/releases/tag/v0.10.0"}],"affected":[{"vendor":"open-webui","product":"open-webui","versions":[{"version":"< 0.10.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2026-07-09T17:09:31.980Z"},"descriptions":[{"lang":"en","value":"Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/open_webui/routers/terminals.py built the ws_terminal upstream URL from an unencoded session_id and appended user_id as a query parameter, allowing query injection to make the terminal backend resolve another user identity; the HTTP proxy path also forwarded X-User-Id as an integrity-unbound identity claim. This issue is fixed in version 0.10.0."}],"source":{"advisory":"GHSA-j657-m4c4-24jq","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-07-09T00:00:00+00:00","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2026-59224"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-07-10T03:55:48.312Z"}}]}}