14 matches found
GHSA-8FFJ-4HX4-9PGF lightrag-hku: JWT Algorithm Confusion Vulnerability
Summary The LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none' algorithm, a crafted token without a signature will be accepted as valid,...
lightrag-hku: JWT Algorithm Confusion Vulnerability
Summary The LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none' algorithm, a crafted token without a signature will be accepted as valid,...
CVE-2026-33265
In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API...
CVE-2025-41258
LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API...
CVE-2026-33265
In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API...
CVE-2026-33265
In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API...
CVE-2025-41258 LibreChat RAG API Authentication Bypass
LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API...
PT-2026-26054
CVE-2026-33265 In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API. https://t.co/i9mMVjDhcg...
CVE-2026-4276 LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries.
LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries...
CVE-2025-69222
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...
CVE-2025-69222 LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...
CVE-2025-69222
CVE-2025-69222 affects LibreChat (v0.8.1-rc2 and prior) with a server-side request forgery (SSRF) due to missing restrictions in the default Actions configuration. The issue arises because agents can be configured with predefined instructions and actions via OpenAPI, enabling access to arbitrary ...
CVE-2025-69222 LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...
CVE-2025-69222 LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...