Librechat · Librechat · CVE-2026-4276
**Name of the Vulnerable Software and Affected Versions**
LibreChat versions 0.7.0
**Description**
The LibreChat RAG API contains a log-injection flaw that enables attackers to create false log entries. The issue allows for the manipulation of log data through crafted input.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.