CVE-2025-69222

Jan. 8, 2026, 6:08 p.m.

9.1
Critical

Description

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actions that can interact with remote services via OpenAPI specifications, supporting various HTTP methods, parameters, and authentication methods including custom headers. By default, there are no restrictions on accessible services, which means agents can also access internal components like the RAG API included in the default Docker Compose setup. This issue is fixed in version 0.8.1-rc2.

Product(s) Impacted

Vendor Product Versions
Librechat
  • Librechat
  • 0.8.1-rc2

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a librechat librechat 0.8.1-rc2 / / / / / / /

References

https://github.com/danny-avila/LibreChat/commit/3b41e392ba5c0d603c1737d8582875e04eaa6e02
https://github.com/danny-avila/LibreChat/releases/tag/v0.8.2-rc2
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m3q8

Tags

[email protected]
CWE-918
2026-01-07
CVE-2025-69222

CVSS Score

9.1 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: LOW
  • Availability Impact: LOW

    • CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

    View Vector String

Timeline

Published: Jan. 7, 2026, 10:15 p.m.
Last Modified: Jan. 8, 2026, 6:08 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.