Librechat · Librechat · CVE-2026-34371
Name of the Vulnerable Software and Affected Versions
LibreChat versions prior to 0.8.4
Description
LibreChat, a ChatGPT clone, is susceptible to an arbitrary file write due to insufficient sanitization of filenames returned by the execute code sandbox. Specifically, the `name` field from the sandbox is used directly to construct the destination path for code-generated artifacts without proper validation. A user who triggers the `execute code` function can therefore write files to arbitrary locations on the server by placing path traversal sequences (e.g., `../../../../../app/client/dist/poc.txt`) in the filename. The file is written with the privileges of the server process.
Recommendations
Update LibreChat to version 0.8.4 or later.