diff --git a/advisories/unreviewed/2026/01/GHSA-qr7m-hwp7-qjqg/GHSA-qr7m-hwp7-qjqg.json b/advisories/unreviewed/2026/01/GHSA-qr7m-hwp7-qjqg/GHSA-qr7m-hwp7-qjqg.json
index e771f70e75851..47f5c88a7e8a7 100644
--- a/advisories/unreviewed/2026/01/GHSA-qr7m-hwp7-qjqg/GHSA-qr7m-hwp7-qjqg.json
+++ b/advisories/unreviewed/2026/01/GHSA-qr7m-hwp7-qjqg/GHSA-qr7m-hwp7-qjqg.json
@@ -1,24 +1,46 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-qr7m-hwp7-qjqg",
- "modified": "2026-01-23T06:31:24Z",
+ "modified": "2026-01-23T06:31:32Z",
 "published": "2026-01-23T06:31:24Z",
 "aliases": [
 "CVE-2026-0765"
 ],
- "details": "Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the install_frontmatter_requirements function.The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28258.",
+ "summary": "[DISPUTED BY VENDOR] Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability",
+ "details": "> [!IMPORTANT]\n> **DISPUTED BY VENDOR (Open WebUI maintainers).** This advisory does not describe a vulnerability. The `install_frontmatter_requirements` function is the documented dependency-installation mechanism of the Tools/Functions feature — user-authored Python that the server runs by design — reachable only by administrators or users explicitly granted the `workspace.tools` permission (disabled by default; documented as equivalent to shell access). Out of scope per the Open WebUI security policy (Rules 1, 9, 10). The corresponding report was filed via the project's GHSA channel (GHSA-rjx7-v9ff-8jcq) and closed as out-of-scope; the CVE was published by ZDI in disregard of that vendor disposition. A formal REJECT request is pending with MITRE. See: https://docs.openwebui.com/security/vendor-dispositions/cve-2026-0765/\n\n---\n\nOpen WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the install_frontmatter_requirements function.The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28258.",
 "severity": [
 {
 "type": "CVSS_V3",
 "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 }
 ],
- "affected": [],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "PyPI",
+ "name": ""
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
 "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0765"
 },
+ {
+ "type": "WEB",
+ "url": "https://docs.openwebui.com/security/vendor-dispositions/cve-2026-0765"
+ },
 {
 "type": "WEB",
 "url": "https://www.zerodayinitiative.com/advisories/ZDI-26-031"
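Review bot: The new `affected` entry gives the PyPI package an empty `"name": ""`, which no OSV/GHSA consumer can match to a real distribution, so the `"introduced": "0"` range beneath it is either rejected as malformed or silently matches nothing. Either fill in the project's actual PyPI distribution name, e.g. `"name": "<pypi-distribution-name>"`, or leave `"affected": []` until a package and version range can be stated. Note also that an open range with only `"introduced": "0"` and no `fixed` or `last_affected` event marks every version as affected, which sits uneasily with the vendor-dispute banner the same change prepends to `details`; if the record is to be kept but flagged as disputed, a bounded range or the schema's `withdrawn` field would express that more clearly than an unbounded one.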