All 31 CVE vulnerabilities found in LibreChat, with AI-generated Chinese analysis, references, and POCs.
LibreChat is an open-source artificial intelligence interface that aggregates multiple chatbot models, including OpenAI, Google PaLM, and Anthropic Claude, into a single web-based platform. This page collects and catalogues publicly disclosed security vulnerabilities, configuration weaknesses, and potential exploitation vectors associated with the LibreChat product and its underlying dependencies. The data covers incidents reported from the initial release through the most recent advisory updates, ensuring a comprehensive historical view of the software’s security posture. By reviewing this aggregated information, users can track specific vendor advisories to understand the context and severity of reported issues, analyze trends within a particular weakness class to identify systemic risks, and look up a product's vulnerability history to assess the stability of their deployment. This resource serves as a technical reference for security analysts and administrators who need to evaluate the risk landscape surrounding LibreChat deployments. The entries include details on affected versions, patch availability, and recommended mitigation strategies where applicable, allowing stakeholders to make informed decisions about updating or configuring their systems. Understanding these vulnerabilities is critical for maintaining the integrity of AI-assisted workflows that rely on LibreChat as a central hub. The information presented here is compiled from public sources and official project communications, providing a neutral and factual overview of known issues.
Vendor: danny-avila
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54868 | LibreChat exposes arbitrary chats through Meilisearch engine CWE-285 | 7.5 | High | 2025-08-05 |
All 31 known CVE vulnerabilities affecting LibreChat with full Chinese analysis, references, and POCs where available.