Unauthenticated Denial of Service in open-webui/open-webui
Description
In version 0.3.32 of open-webui/open-webui, the absence of any authentication mechanism allows an unauthenticated attacker to access the api/v1/utils/code/format endpoint. If a malicious actor sends a POST request with an excessively large body, the server can become completely unresponsive, resulting in severe performance degradation and service interruptions for legitimate users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated access to api/v1/utils/code/format endpoint in open-webui v0.3.32 allows DoS via large POST requests.
Vulnerability
Overview
In open-webui version 0.3.32, the api/v1/utils/code/format endpoint lacks any authentication mechanism, allowing unauthenticated attackers to send POST requests to this endpoint [1][2]. The endpoint's implementation does not limit the size of the request body, making it susceptible to resource exhaustion [3].
Exploitation
An attacker can exploit this vulnerability by sending a POST request with an excessively large payload (e.g., a very large string or JSON blob) to the unauthenticated endpoint. No prior authentication or network position is required; the attack can be carried out over the internet if the server is exposed [2][4]. The server may become completely unresponsive while processing the large payload, leading to denial of service.
Impact
Successful exploitation can render the server unresponsive, causing severe performance degradation or complete service interruption for legitimate users [2]. This is a high-severity denial-of-service vulnerability that can be triggered remotely without any credentials.
Mitigation
The open-webui project has not yet released a patched version as of this analysis [1]. Administrators are advised to restrict access to the endpoint via a reverse proxy or firewall, or implement authentication for the api/v1/utils/code/format endpoint as a workaround.
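The following reverse-proxy configuration is an added example of the workaround described above, not part of open-webui or of this advisory: it puts the affected endpoint behind proxy-level authentication and an IP allow list, caps the request body, and rate-limits the path. The upstream address, server name, trusted network range, and htpasswd path are placeholders.

```nginx
# Added hardening example for an nginx reverse proxy in front of open-webui;
# not the project's own configuration. Assumes open-webui listens on
# 127.0.0.1:8080 (placeholder) and is reachable only through this proxy.

upstream open_webui {
    server 127.0.0.1:8080;
}

# Per-client rate limit for the formatting endpoint (http context).
limit_req_zone $binary_remote_addr zone=code_format:1m rate=5r/s;

server {
    listen 443 ssl;
    server_name webui.example.internal;          # placeholder
    # ssl_certificate / ssl_certificate_key omitted for brevity

    # Global body cap for every other route.
    client_max_body_size 10m;

    # The unauthenticated endpoint from this advisory: require proxy-level
    # credentials, restrict the source network, and keep the body small so a
    # single request cannot exhaust the backend.
    location = /api/v1/utils/code/format {
        allow 10.0.0.0/8;                        # placeholder trusted range
        deny  all;
        auth_basic           "Open WebUI code formatter";
        auth_basic_user_file /etc/nginx/.webui_htpasswd;   # placeholder path
        client_max_body_size 256k;               # reject oversized payloads
        limit_req zone=code_format burst=10 nodelay;
        proxy_pass http://open_webui;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # Everything else is proxied normally, including websocket upgrades.
    location / {
        proxy_pass http://open_webui;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
```

Because the allow list and basic auth also block the web UI's own calls to this path for users outside the trusted range, keep only the body cap and rate limit if code formatting must stay available to everyone.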
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| open-webui (PyPI) | <= 0.3.32 | — |
| open-webui (npm) | <= 0.3.32 | — |
Affected products
- Range: = 0.3.32
- GHSA coordinates: 2 versions (<= 0.3.32, + 1 more)
- (no CPE) range: <= 0.3.32
- (no CPE) range: <= 0.3.32
- open-webui/open-webui/open-webui v5, range: unspecified
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.