{"data":{"id":"c7a5a666-3d8f-4b4e-829b-252460afa5b2","title":"CVE-2026-44654: LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a sha","summary":"LibreChat (a ChatGPT-like tool that connects to multiple AI providers) has a security flaw in versions up to 0.8.3 where someone with editing access to a shared agent can delete files globally, breaking the owner's separate private agents that use the same files. This is a cross-agent integrity violation, meaning one agent's access should not affect another agent's files.","solution":"Version 0.8.4 contains a patch.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-44654","publishedAt":"2026-06-02T23:16:38.260Z","cveId":"CVE-2026-44654","cweIds":["CWE-863"],"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["LibreChat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-02T23:16:38.260Z","capecIds":["CAPEC-122"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}