Librechat

38 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
Exploit
  • EPSS 0.04%
  • Published 07.04.2026 21:08:13
  • Last modified 14.04.2026 19:24:03

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the execute_code sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious ar...

Exploit
  • EPSS 0.03%
  • Published 27.03.2026 19:29:25
  • Last modified 30.03.2026 20:29:45

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can cre...

Exploit
  • EPSS 0.03%
  • Published 27.03.2026 19:25:25
  • Last modified 30.03.2026 20:32:16

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint `/api/agents/chat/stream/:streamId` does not verify that the requesting user owns the stream. Any authenticated user who obtain...

Exploit
  • EPSS 0.04%
  • Published 27.03.2026 19:23:53
  • Last modified 30.03.2026 20:35:03

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery (SSRF) attack when using agent actions or MCP. Although a previous SSRF vulnerability (https://github.com/danny-av...

Exploit
  • EPSS 0.03%
  • Published 27.03.2026 19:21:50
  • Last modified 31.03.2026 20:16:27

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSR...

Exploit
  • EPSS 0.06%
  • Published 18.03.2026 11:17:45
  • Last modified 24.03.2026 18:40:34

In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API.

Exploit
  • EPSS 0.06%
  • Published 18.03.2026 11:08:19
  • Last modified 24.03.2026 18:41:38

LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API.

Exploit
  • EPSS 0.03%
  • Published 13.03.2026 19:54:39
  • Last modified 17.03.2026 12:39:41

LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, the MCP (Model Context Protocol) OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, with...

Exploit
  • EPSS 0.05%
  • Published 13.03.2026 19:54:39
  • Last modified 17.03.2026 12:26:45

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service (DoS) vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malforme...

Media report Exploit
  • EPSS 0.06%
  • Published 12.01.2026 18:01:48
  • Last modified 15.01.2026 22:46:28

LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through ...