CVE-2026-4276
CVE-2026-4276 — LibreChat RAG API 0.7.0 is affected by a log-injection vulnerability caused by improper sanitization of input written to system logs. An authenticated attacker can forge log entries by injecting CRLF characters into the file_id field of a POST request, compromising audit trails. R...