A vulnerability was found in open-webui Open WebUI up to 0.9.x and classified as problematic. This impacts the function utils.chat.generate_chat_completion of the file /api/v1/tasks/moa/completions of the component Task Routes. Such manipulation leads to improper authentication.

This vulnerability is documented as CVE-2026-59225. The attack can be executed remotely. There is not any exploit available.