Lucene search
K

60 matches found

NVD
NVD
added 2026/06/25 5:16 p.m.8 views

CVE-2026-54033

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS0.00207EPSS
Exploits1References1
NVD
NVD
added 2026/06/25 5:16 p.m.7 views

CVE-2026-54029

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId...

6.5CVSS0.00159EPSS
Exploits2References1
NVD
NVD
added 2026/06/25 4:16 p.m.11 views

CVE-2026-54036

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user or attacker with a stolen session even when 2FA is already fully enabled on the account. This endpoint overwrites the existi...

8.1CVSS0.00213EPSS
Exploits1References1
CVE
CVE
added 2026/06/25 3:53 p.m.9 views

CVE-2026-54025

LibreChat suffers a stored XSS in its Markdown artifact preview prior to version 0.8.4-rc1. The vulnerability arises because lib re uses marked v15.0.12 to render image alt text without HTML-escaping double quotes when the custom image renderer defers to the default renderer. LibreChat’s generate...

5.4CVSS6AI score0.0014EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/25 3:51 p.m.30 views

CVE-2026-54029 LibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId...

5.3CVSS0.00159EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/06/25 3:51 p.m.7 views

CVE-2026-54029 LibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId...

5.3CVSS5.8AI score0.00353EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52491

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.4-rc1 Description A flaw exists in the markdown artifact preview pipeline. The generateMarkdownHtml function located in client/src/utils/markdown.ts utilizes a custom image renderer that triggers a fallback to t...

5.4CVSS6AI score0.0014EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/07 9:8 p.m.7 views

CVE-2026-34371

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6AI score0.00258EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/07 9:8 p.m.6 views

EUVD-2026-19946

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6.3CVSS6AI score0.00258EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.3 views

CVE-2026-31950

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint /api/agents/chat/stream/:streamId does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and...

5.3CVSS5.9AI score0.00208EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 7:23 p.m.3 views

EUVD-2026-16765

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/18 11:8 a.m.8 views

CVE-2025-41258 LibreChat RAG API Authentication Bypass

LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API...

8CVSS5.8AI score0.00344EPSS
Exploits1References2
Chainguard
Chainguard
added 2026/02/04 7:17 p.m.14 views

CVE-2025-14874 vulnerabilities

Vulnerabilities for packages: kibana, langfuse, librechat, jitsucom-jitsu...

7.5CVSS7AI score0.00409EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/02/02 10:36 a.m.4 views

CVE-2025-7105 Denial of Service via JavaScript Memory Overflow in danny-avila/librechat

A vulnerability in danny-avila/librechat allows attackers to exploit the unrestricted Fork Function in /api/convos/fork to fork numerous contents rapidly. If the forked content includes a Mermaid graph with a large number of nodes, it can lead to a JavaScript heap out of memory error upon service...

5.7CVSS5.4AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.18 views

PT-2026-1932

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.2-rc2 Description LibreChat, a ChatGPT clone, does not properly control access when uploading files to an agent's file context or during file searches in version 0.8.1-rc2. An authenticated attacker who knows an...

7.1CVSS6.4AI score0.00282EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/12/12 11:7 p.m.5 views

CVE-2025-66452

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json includes user input in the error message, which gets reflected in responses. User input including HTML/JavaScript can be exposed in error...

6.1CVSS6.2AI score0.00184EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/04 6:17 p.m.20 views

CVE-2025-66201

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.1-rc2, LibreChat is vulnerable to Server-side Request Forgery SSRF, by passing specially crafted OpenAPI specs to its "Actions" feature and making the LLM use those actions. It could be used by an authenticated user with...

8.6CVSS6.7AI score0.00255EPSS
Exploits1References1
CVE
CVE
added 2025/10/30 11:42 p.m.25 views

CVE-2025-8849

LibreChat 0.7.9 is affected by a DoS due to unbounded input sizes on /api/memories (parameters key and value). Large inputs trigger a null pointer in the Rust backend, making it impossible to create new memories and destabilizing the service. A remediation suggestion appears in PT-2025-44563: lim...

7.5CVSS6.5AI score0.00313EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/23 2:15 p.m.4 views

CVE-2025-8848

A vulnerability in danny-avila/librechat version 0.7.9 allows for HTML injection via the Accept-Language header. When a logged-in user sends an HTTP GET request with a crafted Accept-Language header, arbitrary HTML can be injected into the tag of the response. This can lead to potential security...

5.4CVSS6.1AI score0.00423EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-7052

Malicious code in bioql PyPI...

9.4CVSS9.2AI score0.00516EPSS
Exploits1References3
Rows per page
Query Builder