CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
mediumvulnerabilityLLM-Specific
security
Summary
LibreChat, a ChatGPT alternative with extra features, had a vulnerability in versions before 0.8.4 where it didn't properly validate filenames from its code execution sandbox, allowing attackers to write files anywhere on the server using path traversal (sequences like ../ that navigate to parent directories). Any user able to run code through the sandbox could exploit this to write arbitrary files with the permissions of the LibreChat server.
Solution / Mitigation
This vulnerability is fixed in version 0.8.4.
Vulnerability Details
CVSS Score
6.3(medium)
EPSS (30-day exploit probability)
EPSS: 0.0%
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N
Attack Vector
network
Attack Complexity
high
Privileges Required
low
User Interaction
none
Disclosure Date
April 7, 2026
Classification
Attack Type
Supply Chain
Attack SophisticationTrivial
Impact (CIA+S)
integrityavailability
Taxonomy References
Affected Vendors
LangChain
Related Issues
Monthly digest — independent AI security research
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-34371
First tracked: April 7, 2026 at 08:07 PM
Classified by LLM (prompt v3) · confidence: 85%