Low severityOSV Advisory· Published Dec 4, 2025· Updated Dec 5, 2025

CVE-2025-63681

Description

open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers (a normal user) to stop arbitrary LLM response tasks.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
open-webuiPyPI	<= 0.6.33	—

Affected products

Openwebui/Open WebuiOSV
Range: v0.1.102, v0.1.103, v0.1.104, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-frv8-gffc-37pxghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-63681ghsaADVISORY
github.com/TOAST-Research/pocs/blob/main/openwebui/arbitirary_task_stop/report.mdghsaWEB
github.com/open-webui/open-webui/blob/46ae3f4f5d7d4d706041bdae4ad2d802e568712b/backend/open_webui/main.pyghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.065
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000