Lucene search
K

13 matches found

EUVD
EUVD
added 2026/06/02 10:22 p.m.17 views

EUVD-2026-34044

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.7.6, an Insecure Direct Object Reference IDOR vulnerability exists in the API keys management endpoint PUT /api/keys. Due to the use of the JavaScript object spread operator after setting...

7.1CVSS5.8AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.9 views

CVE-2026-31945

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:29 p.m.5 views

CVE-2026-31951

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP Model Context Protocol servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

6.8CVSS6AI score0.00244EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 7:29 p.m.4 views

CVE-2026-31951 LibreChat's MCP Server Header Injection Enables OAuth Token Theft

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP Model Context Protocol servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

6.8CVSS6AI score0.00244EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/27 7:23 p.m.3 views

EUVD-2026-16765

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 7:23 p.m.10 views

CVE-2026-31945 LibreChat Server-Side Request Forgery using DNS resolution

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References3
CVE
CVE
added 2026/03/27 7:23 p.m.14 views

CVE-2026-31945

LibreChat (versions 0.8.2-rc2 to 0.8.2) is vulnerable to SSRF via DNS resolution in agent actions or MCP. The issue arises because prior fixes only added hostname validation and do not verify whether DNS results map to private IPs, allowing access to internal resources (e.g., internal RAG API or ...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.6 views

CVE-2026-31949

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS5.8AI score0.00377EPSS
Exploits1References1
NVD
NVD
added 2026/03/13 7:54 p.m.13 views

CVE-2026-31949

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS0.00377EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/13 7:47 p.m.31 views

CVE-2026-31949 LibreChat Denial of Service (DoS) via Unhandled Exception in DELETE /api/convos

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS0.00377EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 7:47 p.m.3 views

CVE-2026-31949

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS5.8AI score0.00377EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/13 7:47 p.m.7 views

CVE-2026-31949 LibreChat Denial of Service (DoS) via Unhandled Exception in DELETE /api/convos

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service DoS vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malformed requests. The DELETE /api/convos route handler...

6.5CVSS5.8AI score0.00377EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.5 views

LibreChat 安全漏洞

LibreChat is an open-source, free, and highly customizable unified AI conversation platform. It allows for the aggregation and running of large models from any vendor within one interface. Versions of LibreChat prior to 0.8.3-rc1 contained a security vulnerability. This vulnerability stemmed from...

6.5CVSS5.8AI score0.00377EPSS
Exploits1References1
Rows per page
Query Builder