CNNVD-202508-303 Information
Aug 05, 2025
cve
CNNVD ID
CNNVD-202508-303
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
LibreChat是Danny Avila个人开发者的一个增强的 ChatGPT 克隆。 LibreChat 0.0.6至0.7.7-rc1版本存在授权问题漏洞,该漏洞源于测试端点暴露,可能导致任意用户聊天记录泄露。
Description (English)
LibreChat is an enhanced ChatGPT clone of Danny Avila’s personal developer. LibreChat 0.0.6 to 0.7.7-rc1 had a mandate gap, which stemmed from the exposure of the test endpoint and could lead to the disclosure of random user chat records.
Hazard Level
Medium
Vulnerability Type
授权问题
Affected Vendor
个人开发者
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-p5j8-m4wh-ffmw https://github.com/danny-avila/LibreChat/commit/0e8041bcac616949c42a68dfb8f108ccc4db5151 https://nvd.nist.gov/vuln/detail/CVE-2025-54868
Patch
https://www.librechat.ai/changelog
Share on: