📦 Librechat
by Librechat
🛡️ Security Overview
⚠️ Known Vulnerabilities
This critical vulnerability in LibreChat allows authenticated users to execute arbitrary shell commands as root within the container via a single API request. The flaw exists in the MCP stdio transpor...
LibreChat version 0.8.1-rc2 has a server-side request forgery (SSRF) vulnerability in its Actions feature that allows attackers to make unauthorized requests to internal services. This affects all use...
This vulnerability allows attackers to delete arbitrary files on servers running vulnerable versions of LibreChat via path traversal in the /api/files endpoint. It affects all systems running LibreCha...
LibreChat through version 0.7.4-rc1 has an access control vulnerability that allows unauthorized users to modify messages belonging to other users. This affects all LibreChat deployments using vulnera...
This vulnerability allows authenticated attackers to modify the behavior of arbitrary LibreChat agents by uploading files to file contexts or file searches without proper permissions. Attackers can al...
This Server-side Request Forgery (SSRF) vulnerability in LibreChat allows authenticated users to craft malicious OpenAPI specifications that trick the LLM into making unauthorized requests from the se...
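The two SSRF entries above (the Actions feature and the LLM-driven OpenAPI fetch) need the same control: the server must validate a destination it was handed by a user before it makes the request. The following is an added example, not LibreChat's code, of such an egress check in Node.js. It only inspects address literals and obvious loopback names, so a hostname that resolves to a private address has to be checked again after DNS resolution, and every redirect target has to go through the same check.

```javascript
// Added example: validating a user-supplied URL before the server fetches it (SSRF control).
// Not LibreChat's code. Assumes Node.js (built-in WHATWG URL). Literal addresses and loopback
// names only; resolution-time and redirect checks are the caller's job.

// IPv4 ranges a server-side fetcher should never reach on a user's behalf.
const BLOCKED_V4 = [
  '0.0.0.0/8',        // "this" network
  '10.0.0.0/8',       // RFC 1918
  '100.64.0.0/10',    // carrier-grade NAT
  '127.0.0.0/8',      // loopback
  '169.254.0.0/16',   // link-local, including cloud metadata at 169.254.169.254
  '172.16.0.0/12',    // RFC 1918
  '192.168.0.0/16',   // RFC 1918
  '224.0.0.0/4',      // multicast
  '240.0.0.0/4',      // reserved and broadcast
];
const DOTTED_V4 = /^\d{1,3}(\.\d{1,3}){3}$/;   // WHATWG normalises hex/decimal forms to this

function ipv4ToInt(ip) {
  return ip.split('.').reduce((acc, octet) => ((acc << 8) | Number(octet)) >>> 0, 0);
}

function inCidr(ip, cidr) {
  const [base, bits] = cidr.split('/');
  const mask = (0xffffffff << (32 - Number(bits))) >>> 0;
  return ((ipv4ToInt(ip) & mask) >>> 0) === ((ipv4ToInt(base) & mask) >>> 0);
}

function isBlockedIpv4(ip) {
  return BLOCKED_V4.some((cidr) => inCidr(ip, cidr));
}

function isBlockedIpv6(ip) {
  const h = ip.toLowerCase();
  if (h === '::' || h === '::1') return true;                   // unspecified, loopback
  const mapped = h.match(/^::ffff:(.+)$/);                      // IPv4-mapped addresses
  if (mapped) {
    const rest = mapped[1];
    if (DOTTED_V4.test(rest)) return isBlockedIpv4(rest);       // ::ffff:10.0.0.5
    const groups = rest.split(':');                             // ::ffff:a00:5 (hex form)
    if (groups.length === 2) {
      const [hi, lo] = groups.map((g) => parseInt(g, 16));
      if (!Number.isNaN(hi) && !Number.isNaN(lo)) {
        return isBlockedIpv4(`${hi >> 8}.${hi & 0xff}.${lo >> 8}.${lo & 0xff}`);
      }
    }
  }
  const first = parseInt(h.split(':')[0] || '0', 16);
  if ((first & 0xfe00) === 0xfc00) return true;                 // fc00::/7 unique local
  if ((first & 0xffc0) === 0xfe80) return true;                 // fe80::/10 link local
  return false;
}

// Returns { ok: true, href } for a fetchable URL, or { ok: false, reason } otherwise.
function validateOutboundUrl(input) {
  let url;
  try {
    url = new URL(String(input));
  } catch {
    return { ok: false, reason: 'unparseable URL' };
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') {
    return { ok: false, reason: `scheme ${url.protocol} not allowed` };
  }
  if (url.username || url.password) {
    return { ok: false, reason: 'credentials embedded in URL' };
  }
  const host = url.hostname;
  if (host.startsWith('[') && host.endsWith(']')) {             // IPv6 literal
    if (isBlockedIpv6(host.slice(1, -1))) return { ok: false, reason: 'private or reserved IPv6 address' };
  } else if (DOTTED_V4.test(host)) {
    if (isBlockedIpv4(host)) return { ok: false, reason: 'private or reserved IPv4 address' };
  } else if (host === 'localhost' || host.endsWith('.localhost')) {
    return { ok: false, reason: 'loopback hostname' };
  }
  return { ok: true, href: url.href };
}
```

Parsing with the WHATWG URL class first matters: it rewrites alternative IPv4 spellings (a single decimal or hexadecimal integer, or fewer than four parts) into dotted-decimal form, so the range check sees the same host the HTTP client will connect to. For hostnames, resolve them yourself, run every returned address through the same block list, and connect to the address you checked rather than letting the client resolve again.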
LibreChat 0.7.9 is vulnerable to denial of service attacks through the /api/memories endpoint. Attackers can submit arbitrarily large 'key' or 'value' parameters, causing null pointer errors in the Ru...
A mass assignment vulnerability in danny-avila/librechat allows attackers to manipulate sensitive fields by sending extra parameters in requests that get automatically bound to internal objects. This ...
LibreChat versions 0.0.6 through 0.7.7-rc1 have an exposed testing endpoint (/api/search/test) that allows unauthorized access to read arbitrary user chats from the Meilisearch engine. This vulnerabil...
An unhandled exception in the fs module of danny-avila/librechat allows unauthenticated attackers to crash the server by sending specially crafted file upload requests. This vulnerability affects all ...
A path traversal vulnerability in danny-avila/librechat allows attackers to write files to arbitrary locations on the server due to improper sanitization in the multer middleware. This can lead to rem...
An unauthenticated denial-of-service vulnerability in librechat allows attackers to crash the server by sending a crafted payload. The vulnerability exists in the checkBan middleware which lacks prope...
This vulnerability allows unauthenticated attackers to crash LibreChat servers by uploading large files, causing denial of service through out-of-memory errors. All instances using default multer in-m...
LibreChat version 0.8.1-rc2 has an improper access control vulnerability where authenticated users can read permissions of arbitrary agents by knowing their agent IDs. This allows attackers to view pr...
This vulnerability in LibreChat allows authenticated users to modify prompt groups in unintended ways by sending malformed JSON requests to the PATCH endpoint. The lack of input validation enables man...
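The mass assignment entry, the oversized /api/memories key and value entry, and the malformed PATCH entry above are all failures to decide, field by field, what a request body may contain before it is bound to an internal object. The following is an added example of an allow-list binder with per-field type and size limits, written in JavaScript; it is not LibreChat's code, and the prompt-group schema it uses (name, description, tags) is hypothetical.

```javascript
// Added example: binding a request body to an internal object through an explicit allow-list
// with per-field type and size limits. Not LibreChat's code; the schema is hypothetical.

// Fields a client may set on a prompt group, and nothing else. Ownership or visibility fields
// (author, isPublic, _id, ...) are deliberately absent and therefore rejected.
const PROMPT_GROUP_PATCH = {
  name:        { type: 'string', maxLength: 120 },
  description: { type: 'string', maxLength: 2000 },
  tags:        { type: 'array',  maxItems: 20, item: { type: 'string', maxLength: 40 } },
};

function checkField(name, v, rule) {
  if (rule.type === 'string') {
    if (typeof v !== 'string') return `${name}: expected string`;
    if (v.length > rule.maxLength) return `${name}: longer than ${rule.maxLength} characters`;
    return null;
  }
  if (rule.type === 'array') {
    if (!Array.isArray(v)) return `${name}: expected array`;
    if (v.length > rule.maxItems) return `${name}: more than ${rule.maxItems} items`;
    for (let i = 0; i < v.length; i++) {
      const err = checkField(`${name}[${i}]`, v[i], rule.item);
      if (err) return err;
    }
    return null;
  }
  return `${name}: unsupported rule`;
}

// Returns { ok: true, value } holding ONLY allow-listed, validated fields,
// or { ok: false, errors } with every problem found (so the client gets one round trip).
function bindPatch(schema, body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const errors = [];
  const value = {};
  for (const key of Object.keys(body)) {                       // own enumerable keys only
    // hasOwnProperty on the schema, not `key in schema`: a JSON body can carry "__proto__"
    // or "constructor" as its own key and those must not match inherited schema properties.
    if (!Object.prototype.hasOwnProperty.call(schema, key)) {
      errors.push(`unknown field: ${key}`);                    // reject, do not silently drop
      continue;
    }
    const err = checkField(key, body[key], schema[key]);
    if (err) errors.push(err); else value[key] = body[key];
  }
  return errors.length ? { ok: false, errors } : { ok: true, value };
}
```

The two design choices worth copying are that unknown fields are an error rather than being ignored (silent dropping hides probing and makes typos in legitimate clients invisible), and that the returned `value` is a new object built only from approved keys, so nothing from the request reaches the persistence layer by accident.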
LibreChat versions 0.8.0 and below expose user input in JSON parsing error messages, which can be reflected in HTTP responses. This creates a cross-site scripting (XSS) vulnerability where attackers c...
CVE-2025-66450 is a stored cross-site scripting (XSS) vulnerability in LibreChat where attackers can inject malicious code via the iconURL parameter. This code executes when users view shared chat lin...
This vulnerability allows HTML injection via crafted Accept-Language headers in librechat version 0.7.9. When exploited, attackers can inject arbitrary HTML into the <html lang=""> tag, potentially en...
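The three preceding entries put untrusted input into three different HTML contexts: a JSON parse error reflected into the response body, an iconURL written into an attribute, and an Accept-Language value written into the `lang` attribute of the document element. Each context needs its own treatment, and the following added example (JavaScript, not LibreChat's code; the function names are this example's own) shows all three side by side.

```javascript
// Added example: neutralising untrusted values in three HTML contexts. Not LibreChat's code.

// 1. Text reflected into an HTML body (for example an error message that quotes the request).
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;', '`': '&#96;' };
  return String(s).replace(/[&<>"'`]/g, (c) => map[c]);
}

// 2. A user-supplied URL that ends up in an attribute such as <img src>. Parse it, keep only
//    http(s) so "javascript:" and "data:" schemes are rejected, and return the normalised form.
//    The caller still HTML-escapes the result when writing it into the attribute.
function safeIconUrl(input) {
  let url;
  try {
    url = new URL(String(input));
  } catch {
    return null;
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  return url.href;
}

// 3. Accept-Language into <html lang="...">. Take the first tag, accept it only if it has a
//    conservative BCP 47 shape (letters, digits, hyphens), otherwise fall back to a default.
//    Validation is the right tool here because the value is not free text, it is an identifier.
function langFromAcceptLanguage(header, fallback = 'en') {
  const first = String(header || '').split(',')[0].split(';')[0].trim();
  return /^[A-Za-z]{2,3}(-[A-Za-z0-9]{1,8})*$/.test(first) ? first : fallback;
}

// A page shell that applies the three controls in their respective contexts.
function renderShell({ acceptLanguage, iconUrl, errorMessage }) {
  const lang = langFromAcceptLanguage(acceptLanguage);
  const icon = safeIconUrl(iconUrl);
  const iconTag = icon ? `<img src="${escapeHtml(icon)}" alt="">` : '';
  const error = errorMessage ? `<p class="error">${escapeHtml(errorMessage)}</p>` : '';
  return `<html lang="${lang}"><body>${iconTag}${error}</body></html>`;
}
```

For the reflected parse-error case the simplest fix is often not to echo the offending input at all: a fixed "malformed JSON" message with a `Content-Type: application/json` response gives the client everything it needs and leaves nothing to escape.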
This CVE describes a log injection vulnerability in LibreChat where unvalidated parameters in download APIs allow attackers to inject malicious content into application logs. This affects all LibreCha...
An improper access control vulnerability in LibreChat allows authenticated users to delete other users' prompts by manipulating the groupid parameter. This occurs because the endpoint fails to verify ...
An unhandled exception vulnerability in LibreChat allows attackers to crash the server, causing denial of service. Attackers can exploit this by sending malformed input to specific API endpoints. Whil...
This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in LibreChat's delete attachments functionality. Authenticated users can delete other users' attachments by manipulating att...
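The access-control entries on this page (modifying other users' messages, reading arbitrary agents' permissions, deleting other users' prompts by groupid, deleting other users' attachments by id) share one root cause: the handler looks a record up by the identifier in the request and never ties that lookup to the authenticated user. The following is an added example of the fix pattern in JavaScript; it is not LibreChat's code, and the in-memory store and records are constructed for the demonstration.

```javascript
// Added example: object-level authorization for user-owned records (messages, prompts,
// attachments, agents). Not LibreChat's code; the store and records below are constructed.

function makeStore() {
  return new Map([
    ['att-1', { id: 'att-1', owner: 'user-alice', name: 'notes.pdf' }],
    ['att-2', { id: 'att-2', owner: 'user-bob',   name: 'budget.xlsx' }],
  ]);
}

// The IDOR shape: the id comes from the request and the owner is never consulted.
function deleteInsecure(store, _requester, id) {
  return store.delete(id);
}

// The fix: make the requester part of the lookup, so "not yours" and "does not exist"
// produce the same outcome and nothing about other users' records leaks. With a database
// this is the query {_id: id, user: requester}, not a fetch by id followed by an optional
// comparison that a later refactor can drop.
function findOwned(store, requester, id) {
  const rec = store.get(id);
  return rec && rec.owner === requester ? rec : null;
}

function readOwned(store, requester, id) {
  const rec = findOwned(store, requester, id);
  return rec ? { status: 200, body: rec } : { status: 404 };
}

function deleteOwned(store, requester, id) {
  if (!findOwned(store, requester, id)) return { status: 404 };
  store.delete(id);
  return { status: 204 };
}

function updateOwned(store, requester, id, patch) {
  const rec = findOwned(store, requester, id);
  if (!rec) return { status: 404 };
  // Identity fields are never taken from the patch, so ownership cannot be transferred
  // by a client that also tries the mass-assignment route.
  const updated = { ...rec, ...patch, id: rec.id, owner: rec.owner };
  store.set(id, updated);
  return { status: 200, body: updated };
}
```

Apply the same rule to every verb, reads included: a 200 on a read of someone else's agent or attachment is an information disclosure even when no write is possible. Shared resources (an agent granted to several users, a public prompt group) need the grant table in the same query, not a second code path that forgets it.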