CNNVD-202511-3049 Information

CNNVD ID

CNNVD-202511-3049

Related CVE

CVE-2025-66201

• CNNVD Published: 2025-11-29

Description (Chinese)

LibreChat是Danny Avila个人开发者的一个增强的 ChatGPT 克隆。 LibreChat 0.8.1-rc2之前版本存在代码问题漏洞，该漏洞源于Actions功能存在服务端请求伪造，可能导致服务器冒充。

Description (English)

LibreChat is an enhanced ChatGPT clone of Danny Avila’s personal developer. The pre-libreChat 0.8.1-rc2 version had a code problem gap, which stemmed from the existence of a service-end request for forgery of the actions function, which could lead to an impostor on the server.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

个人开发者

Published

2025-11-29

Last Modified

2026-02-24

References

https://github.com/danny-avila/LibreChat/security/advisories/GHSA-7m2q-fjwr-5x8v https://access.redhat.com/security/cve/cve-2025-66201

Patch

https://www.librechat.ai/