2 matches found
CVE-2025-7104
A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra...
CVE-2025-7104
CVE-2025-7104 affects librechat (danny-avila/librechat). The vulnerability is a mass assignment flaw where user-supplied data is automatically bound to internal object properties or database fields without proper filtering. As a result, extra fields in the request body are carried into agentData ...