CNNVD-202509-1728 Information
Sep 11, 2025
cve
CNNVD ID
CNNVD-202509-1728
Related CVE
- CNNVD Published: 2025-09-11
Description (Chinese)
LibreChat是Danny Avila个人开发者的一个增强的 ChatGPT 克隆。 LibreChat 0.7.8版本存在授权问题漏洞,该漏洞源于对话共享功能授权控制不当,可能导致未授权访问其他用户对话。
Description (English)
LibreChat is an enhanced ChatGPT clone of Danny Avila’s personal developer. Version LibreChat 0.7.8 has a mandate gap, which stems from inadequate control of dialogue-sharing functions and may lead to unauthorized access to other user dialogues.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
个人开发者
Published
2025-09-11
Last Modified
2026-02-24
References
https://github.com/danny-avila/librechat/commit/3af2666890bbf291cb7b9f3e03592d54714f0ff5 https://huntr.com/bounties/361405bb-a739-41eb-a680-4cb6193e7c76
Patch
https://github.com/danny-avila/LibreChat/releases
Share on: