Unknown · Meilisearch · CVE-2025-54868
**Name of the Vulnerable Software and Affected Versions**
LibreChat versions 0.0.6 through 0.7.7-rc1
**Description**
LibreChat, a ChatGPT clone, contains an exposed testing endpoint that allows unauthorized access to chats stored in the Meilisearch engine. The `/api/search/test` endpoint does not enforce proper access controls, enabling the retrieval of chats belonging to arbitrary users.
**Recommendations**
Update to version 0.7.7 or later.