Danny-Avila

Researcher fromGitHub, Inc.
#12210of 53,632
22.4Total CVSS
Vulnerabilities · 3
Medium
1
High
2
PT-2026-28429
8.5
2026-03-27
Librechat · Librechat · CVE-2026-31943
**Name of the Vulnerable Software and Affected Versions** LibreChat versions prior to 0.8.3 **Description** LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, the `isPrivateIP()` function in `packages/api/src/auth/domain.ts` does not correctly identify IPv4-mapped IPv6 addresses in their hex-normalized form. This allows any authenticated user to bypass Server-Side Request Forgery (SSRF) protection. Successful exploitation enables the server to make HTTP requests to internal network resources, including cloud metadata services (e.g., AWS `169.254.169.254`), loopback, and RFC1918 ranges. The vulnerable function is `isPrivateIP()`. The affected API endpoint is not explicitly mentioned. **Recommendations** Upgrade to version 0.8.3 to resolve this issue.
PT-2026-28104
7.1
2026-03-25
Danny Avila · Librechat · CVE-2026-31942
**Name of the Vulnerable Software and Affected Versions** LibreChat versions prior to 0.8.3-rc1 **Description** An Insecure Direct Object Reference (IDOR) exists in the 'PUT /api/keys' endpoint. Due to the use of the JavaScript object spread operator after setting the authenticated user's ID, an authenticated user can inject a `userId` parameter in the request body to overwrite the API keys of another user. This allows an attacker to replace a victim's API key configuration for providers such as OpenAI, Anthropic, or Azure, which could route conversations through attacker-controlled keys or cause a denial of service by providing invalid keys. **Recommendations** Update to version 0.8.3-rc1.
PT-2026-25367
6.8
2026-03-13
Librechat · Librechat · CVE-2026-31949
**Name of the Vulnerable Software and Affected Versions** LibreChat versions prior to 0.8.3-rc1 **Description** A denial of service issue exists in the `DELETE /api/convos` endpoint of LibreChat. An authenticated attacker can cause the Node.js server process to crash by submitting specially crafted requests. The issue occurs because the server attempts to destructure `req.body.arg` without first verifying its existence, leading to an unhandled TypeError that terminates the process. The `DELETE /api/convos` route handler is affected. The `req.body.arg` variable is vulnerable. **Recommendations** Update to version 0.8.3-rc1 or later.