Platform
nodejs
Component
librechat
Fixed in
0.8.3
CVE-2026-31945 describes a server-side request forgery (SSRF) vulnerability discovered in LibreChat, a ChatGPT clone. This flaw allows attackers to bypass hostname validation and potentially access internal resources within the LibreChat environment. The vulnerability impacts versions 0.8.2-rc2 through 0.8.2. A fix is available in version 0.8.3-rc1.
The SSRF vulnerability in LibreChat allows an attacker to craft malicious requests that appear to originate from the LibreChat server itself. Because the hostname validation is insufficient, DNS resolution of a hostname to a private IP address bypasses the intended protection. This enables access to internal services that should be inaccessible from the outside world. For example, an attacker could potentially access an internal Retrieval-Augmented Generation (RAG) API, retrieve sensitive data from a cloud instance's metadata endpoint, or even interact with other internal services exposed within the same network. The blast radius extends to any internal resource accessible via HTTP/HTTPS from the LibreChat server.
CVE-2026-31945 was published on 2026-03-27. While no public proof-of-concept (PoC) has been released, the vulnerability's nature and the bypass of existing hostname validation suggest a moderate exploitation probability. The EPSS score is likely to be medium, reflecting the potential for significant impact if exploited. This vulnerability builds upon a previous SSRF issue in LibreChat, highlighting a recurring pattern of insufficient input validation.
Organizations deploying LibreChat, particularly those with internal APIs or cloud infrastructure accessible from the same network as the LibreChat server, are at risk. Shared hosting environments where LibreChat is installed alongside other applications are also vulnerable, as a successful SSRF attack could potentially compromise other services on the same host.
• nodejs / server:
journalctl -u librechat -f | grep -i "server-side request forgery"
• generic web:
curl -I http://<librechat_server>/agent_actions/some_internal_ip | grep -i "internal_resource"
• generic web:
grep -r "internal_resource" /var/log/nginx/access.log
Exploit status
EPSS
0.03% (percentile 10%)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-31945 is to upgrade LibreChat to version 0.8.3-rc1 or later, which includes the corrected hostname validation. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to block outbound requests to internal IP addresses or known sensitive endpoints. Additionally, restrict network access to the LibreChat server to only necessary ports and services. Review and harden the configuration of any internal resources that could be targeted by an SSRF attack. After upgrading, confirm the fix by attempting to access an internal resource via LibreChat's agent actions or MCP and verifying that the request is blocked.
Update LibreChat to version 0.8.3-rc1 or later. This version contains a fix for the SSRF vulnerability that allows access to internal resources through DNS resolution. Updating will prevent attackers from exploiting this vulnerability.
CVE-2026-31945 is a server-side request forgery vulnerability in LibreChat versions 0.8.2-rc2 through 0.8.2, allowing attackers to access internal resources by bypassing hostname validation.
You are affected if you are running LibreChat versions 0.8.2-rc2 or 0.8.2 and have not upgraded to 0.8.3-rc1 or later.
Upgrade LibreChat to version 0.8.3-rc1 or later to remediate the SSRF vulnerability. Consider WAF rules as a temporary workaround.
While no active exploitation has been confirmed, the vulnerability's nature suggests a moderate risk of exploitation.
Refer to the LibreChat security advisory on GitHub: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m3q8