Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{eventid}/update validates that the caller has write access to the calendar the event currently belongs to, but does not validate the destination calendarid supplied in the request body. The model layer then persists the new calendarid unconditionally. A regular user-role account can therefore create an event in their own calendar and immediately move it into any other user's calendar whose ID they know — bypassing the authorization check that createevent correctly performs. This vulnerability is fixed in 0.9.6.
{
"cwe_ids": [
"CWE-639"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/54xxx/CVE-2026-54006.json",
"cna_assigner": "GitHub_M"
}{
"cpe": "cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "0.9.6"
}
],
"source": [
"AFFECTED_FIELD",
"CPE_RANGE"
]
}