Platform
nodejs
Component
librechat
Fixed in
0.8.4
CVE-2026-31943 describes a Server-Side Request Forgery (SSRF) vulnerability discovered in LibreChat, a ChatGPT clone. This flaw allows authenticated users to bypass SSRF protection mechanisms and make the server issue HTTP requests to internal network resources. The vulnerability impacts LibreChat versions prior to 0.8.3, and a patch is available in version 0.8.3.
The SSRF vulnerability in LibreChat allows an authenticated user to craft requests that the server will execute on their behalf. This bypasses intended security controls, enabling access to sensitive internal resources. Attackers could potentially access cloud metadata services (e.g., AWS 169.254.169.254), loopback addresses, and RFC1918 private IP ranges. Successful exploitation could lead to the exposure of sensitive configuration data, API keys, or other credentials stored within the internal network. The blast radius extends to any internal service accessible via HTTP from the LibreChat server.
CVE-2026-31943 was publicly disclosed on 2026-03-27. There is no indication of active exploitation at this time, and no public proof-of-concept (POC) code has been released. The vulnerability is not currently listed on the CISA KEV catalog. Given the SSRF nature and the potential for accessing sensitive internal resources, it is recommended to prioritize patching.
Organizations deploying LibreChat, particularly those with sensitive internal resources accessible via HTTP, are at risk. Shared hosting environments where LibreChat instances are running alongside other applications are also at increased risk, as a compromised LibreChat instance could be used to pivot to other services on the same host.
• nodejs / server:
journalctl -u librechat -g "isPrivateIP()"
• generic web:
curl -I http://<librechat_server>/api/some_endpoint | grep -i "169.254.169.254"
• generic web:
grep -r "isPrivateIP()" /opt/librechat/*
Disclosure
Exploit status
EPSS
0.03% (10th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-31943 is to upgrade LibreChat to version 0.8.3 or later, which includes the fix for the SSRF vulnerability. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to block outbound requests to known sensitive internal IP ranges (e.g., 169.254.169.254, RFC1918 ranges). Additionally, restrict network access to the LibreChat server to only necessary internal resources. Review and tighten authentication controls to limit the number of authenticated users with access to the vulnerable functionality.
Update LibreChat to version 0.8.3 or later. This version fixes the SSRF vulnerability by correctly validating IPv4-mapped IPv6 addresses. The update prevents authenticated users from sending HTTP requests to internal network resources.
CVE-2026-31943 is a HIGH severity SSRF vulnerability affecting LibreChat versions prior to 0.8.3. It allows authenticated users to bypass SSRF protection and access internal resources.
You are affected if you are running LibreChat version 0.8.3 or earlier. Upgrade to version 0.8.3 to mitigate the vulnerability.
Upgrade LibreChat to version 0.8.3 or later. As a temporary workaround, implement a WAF to block outbound requests to sensitive internal IP ranges.
There is currently no evidence of active exploitation of CVE-2026-31943, but it is recommended to patch promptly due to the potential impact.
Refer to the LibreChat project's official security advisories and release notes for details on CVE-2026-31943 and the corresponding fix.