A vulnerability has been found in open-webui Open WebUI up to 0.9.x and classified as problematic. Impacted is the function _sanitize_proxy_path of the file backend/open_webui/routers/terminals.py of the component Terminals. The manipulation leads to relative path traversal.

This vulnerability is documented as CVE-2026-59221. The attack can be initiated remotely. There is not any exploit available.