A vulnerability, which was classified as critical, has been found in open-webui Open WebUI up to 0.9.x. This affects an unknown function of the file /api/v1/images/edit of the component Image Editing. The manipulation leads to permission issues.
This vulnerability is documented as CVE-2026-59227. The attack can be initiated remotely. There is not any exploit available.