Librechat

Librechat

45 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2026-31943

Exploit
  • EPSS 0.21%
  • Veröffentlicht 27.03.2026 19:21:50
  • Zuletzt bearbeitet 31.03.2026 20:16:27

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSR...

9

CVE-2026-33265

Exploit
  • EPSS 0.23%
  • Veröffentlicht 18.03.2026 11:17:45
  • Zuletzt bearbeitet 24.03.2026 18:40:34

In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API.

8

CVE-2025-41258

Exploit
  • EPSS 0.34%
  • Veröffentlicht 18.03.2026 11:08:19
  • Zuletzt bearbeitet 24.03.2026 18:41:38

LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API.

7.5

CVE-2026-4276

Medienbericht
  • EPSS 0.28%
  • Veröffentlicht 16.03.2026 15:31:35
  • Zuletzt bearbeitet 05.06.2026 19:59:52

LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries.

6.5

CVE-2026-31949

Exploit
  • EPSS 0.38%
  • Veröffentlicht 13.03.2026 19:54:39
  • Zuletzt bearbeitet 17.03.2026 12:26:45

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service (DoS) vulnerability exists in the DELETE /api/convos endpoint that allows an authenticated attacker to crash the Node.js server process by sending malforme...

7.6

CVE-2026-31944

Exploit
  • EPSS 0.24%
  • Veröffentlicht 13.03.2026 19:54:39
  • Zuletzt bearbeitet 17.03.2026 12:39:41

LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, The MCP (Model Context Protocol) OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, with...

9.9

CVE-2026-22252

Medienbericht Exploit
  • EPSS 3.68%
  • Veröffentlicht 12.01.2026 18:01:48
  • Zuletzt bearbeitet 15.01.2026 22:46:28

LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through ...

8.1

CVE-2025-69222

Medienbericht Exploit
  • EPSS 4.09%
  • Veröffentlicht 07.01.2026 21:17:17
  • Zuletzt bearbeitet 15.01.2026 21:36:03

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to config...

4.3

CVE-2025-69221

Medienbericht Exploit
  • EPSS 0.24%
  • Veröffentlicht 07.01.2026 21:01:13
  • Zuletzt bearbeitet 15.01.2026 21:45:38

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. An authenticated attacker can read the permissions of arbitrary agents, even if they have no permissions ...

5.9

CVE-2025-69220

Medienbericht Exploit
  • EPSS 0.28%
  • Veröffentlicht 07.01.2026 20:49:00
  • Zuletzt bearbeitet 15.01.2026 21:44:57

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior ...