{"data":{"id":"002fac34-36e4-4ab0-ac4e-cb1a69d317e6","title":"CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e","summary":"LibreChat, a ChatGPT alternative with extra features, had a vulnerability in versions before 0.8.4: it did not properly validate the filenames returned by its code execution sandbox, so a filename containing path traversal sequences (such as ../, which resolves to a parent directory) could place a file outside the intended directory. Any user able to run code through the sandbox could use this to write arbitrary files anywhere the LibreChat server process has write permission.","solution":"This vulnerability is fixed in version 0.8.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-34371","publishedAt":"2026-04-07T22:16:22.227Z","cveId":"CVE-2026-34371","cweIds":["CWE-22"],"cvssScore":"6.3","cvssSeverity":"medium","severity":"medium","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["LibreChat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N","attackVector":"network","attackComplexity":"high","privilegesRequired":"low","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-07T22:16:22.227Z","capecIds":["CAPEC-126"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0010"]}}