Librechat · Librechat · CVE-2026-31945
**Name of the Vulnerable Software and Affected Versions**
LibreChat versions 0.8.2-rc2 through 0.8.2
**Description**
LibreChat, a ChatGPT clone with additional features, has a server-side request forgery (SSRF) issue in versions 0.8.2-rc2 through 0.8.2 when using agent actions or MCP. A prior SSRF fix validated only the hostname and did not check whether DNS resolution of that hostname yields a private IP address. Attackers can therefore bypass the protection and reach internal resources, such as an internal RAG API or cloud instance metadata endpoints.
**Recommendations**
Update to version 0.8.3-rc1 or later.