PT-2026-1933 · Librechat · Librechat

Published: 2026-01-07 · Updated: 2026-01-07 · CVE-2025-69221

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the vulnerable software and affected versions: LibreChat versions prior to 0.8.2-rc2

Description: LibreChat, a ChatGPT clone with additional features, does not properly enforce access control when querying agent permissions (reported against version 0.8.1-rc2; all versions prior to 0.8.2-rc2 are affected). The application authenticates the caller but does not check whether that caller has any permission on the agent being queried, so an authenticated attacker can read the permissions of arbitrary agents. LibreChat lets users configure agents with predefined instructions and context, and private agents are intended to be invisible to other users; however, an attacker who knows an agent's ID can read that agent's permissions, including the permissions granted to other users. The impact is limited to disclosure (C:L): the attacker learns who holds which rights on an agent, which is why the score is Medium rather than High.

Recommendations: Update to version 0.8.2-rc2 or later. When verifying the fix, confirm that an authenticated user without any grant on a private agent can no longer retrieve that agent's permissions by ID.

Weakness Enumeration: Missing Authorization (CWE-862); Improper Access Control (CWE-284)

Related Identifiers: CVE-2025-69221; GHSA-5ccx-4r3h-9qc7

Affected Products: LibreChat