CVE-2026-28786: Path Traversal and Information Disclosure in Open WebUI Audio Transcriptions
Vulnerability ID: CVE-2026-28786
CVSS Score: 4.3
Published: 2026-03-27
Open WebUI versions prior to 0.8.6 are vulnerable to path traversal and information disclosure via the audio transcription endpoint. An authenticated attacker can manipulate the multipart form filename to disclose the absolute filesystem path of the internal application directory.
TL;DR
A flaw in Open WebUI's filename parsing allows authenticated users to leak absolute server paths by triggering verbose file-write errors in the transcription API.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-22 / CWE-209
- Attack Vector: Network
- CVSS Score: 4.3 (Medium)
- EPSS Score: 0.00020 (5.29%)
- Impact: Information Disclosure (Absolute Path Leak)
- Exploit Status: Proof of Concept
- KEV Status: Not Listed
Affected Systems
- Open WebUI: < 0.8.6 (Fixed in: 0.8.6)
Code Analysis
Commit: 387225e
Fix internal path leakage in audio transcriptions by implementing os.path.basename sanitization and masking exception outputs.
--- a/backend/open_webui/routers/audio.py
+++ b/backend/open_webui/routers/audio.py
- ext = file.filename.split('.')[-1] if file.filename else ''
+ safe_name = os.path.basename(file.filename) if file.filename else ''
+ ext = safe_name.rsplit('.', 1)[-1] if '.' in safe_name else ''
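Review bot: the new extension derivation calls os.path.basename, but no import of os appears in this hunk; confirm the module already imports it. Also, os.path.basename on a POSIX host only splits on "/", so a filename carrying backslash separators comes back unchanged, and the text after its last dot is then accepted as the extension without further checks. Consider validating ext against an allowlist of the audio extensions the endpoint actually supports (or using ntpath.basename, which handles both separator styles) rather than accepting any trailing string.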
...
- except Exception as e:
- raise HTTPException(status_code=400, detail=ERROR_MESSAGES.DEFAULT(e))
+ except Exception as e:
+ log.exception(e)
+ raise HTTPException(status_code=400, detail='Transcription failed.')
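Review bot: log.exception(e) passes the exception object where a message string is expected; it works because the object is stringified, but log.exception("Transcription failed") is the idiomatic form and still attaches the traceback. Separately, every failure caught by the bare except Exception is now reported as HTTP 400, which labels server-side faults (a missing cache directory, a failed write) as client errors; consider returning 500 for unexpected exceptions so operators can tell them apart in metrics, while keeping the fixed detail string.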
Exploit Details
- Vulnerability Report: Proof of concept path traversal payload details disclosed in the official security advisory.
Mitigation Strategies
- Upgrade Open WebUI to version 0.8.6 or newer.
- Implement Web Application Firewall (WAF) rules to detect and block path traversal patterns in multipart form data filename attributes.
- Review custom exception handling configurations to ensure sensitive internal application errors are not reflected to API consumers.
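The two defensive measures the advisory and fix describe, sanitizing the multipart filename before it reaches a file path and keeping exception text out of API responses, as an added Python example (not Open WebUI's own code). It goes a step beyond the fix by allowlisting extensions and handling Windows-style separators; the allowlist, cache-directory layout and function names are assumptions.

```python
import ntpath
import os
from typing import Optional

# Constructed allowlist of accepted audio extensions (assumption; the real
# accepted set is not stated in the advisory).
ALLOWED_AUDIO_EXTS = frozenset({"wav", "mp3", "m4a", "ogg", "flac", "webm"})


def looks_like_traversal(filename: str) -> bool:
    """Detection check for logging/WAF-style alerting: a genuine upload name
    never needs path separators or parent-directory segments."""
    return "/" in filename or "\\" in filename or ".." in filename


def safe_extension(filename: Optional[str]) -> Optional[str]:
    """Derive an extension that cannot carry a path.

    ntpath.basename splits on both "/" and "\\" (os.path.basename on a Linux
    server ignores backslashes). Only the text after the last dot is kept,
    lower-cased, and it must be alphanumeric and on the allowlist; anything
    else yields None so the caller rejects the upload."""
    if not filename:
        return None
    name = ntpath.basename(filename)
    if "." not in name:
        return None
    ext = name.rsplit(".", 1)[-1].lower()
    if not ext.isalnum() or ext not in ALLOWED_AUDIO_EXTS:
        return None
    return ext


def build_cache_path(cache_dir: str, file_id: str,
                     filename: Optional[str]) -> Optional[str]:
    """Assemble the on-disk path from a server-generated id plus the validated
    extension; that is the only user-influenced fragment, so the result stays
    inside cache_dir."""
    ext = safe_extension(filename)
    if ext is None:
        return None
    return os.path.join(cache_dir, f"{file_id}.{ext}")


def client_error_detail(exc: Exception) -> str:
    """Fixed message for API consumers. The real exception text, which may
    embed absolute server paths, is for the server log only."""
    return "Transcription failed."
```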
Remediation Steps
- Verify the current running version of Open WebUI.
- Pull the latest container image (v0.8.6+) or update the local repository branch to incorporate the patch.
- Restart the Open WebUI backend service.
- Verify functionality of the audio transcription endpoint to ensure regressions are not introduced.
References
Read the full report for CVE-2026-28786 on our website for more details including interactive diagrams and full exploit analysis.