Primary

Context

Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in Open WebUI due to the cleartext transmission of credentials, allowing network-adjacent attackers to intercept sensitive information. This issue arises from sending credentials in plaintext, which could be exploited to disclose transmitted information and potentially lead to further compromise.

Impact

Exploitation of this vulnerability could result in the unauthorized disclosure of credentials, allowing for potential further compromise of the affected system.

Remediation

The primary mitigation strategy is to restrict interaction with the product.

Added: Jan 23, 2026, 4:36 AM

Updated: Jan 23, 2026, 4:36 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.0

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.0

remediation

7.9

relevance

2.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Open WebUI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating