CVE-2025-69222: LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF
Summary
LibreChat version 0.8.1-rc2 has a server-side request forgery vulnerability (SSRF, where an attacker tricks a server into making requests to unintended targets) because the Actions feature allows agents to access any remote service without restrictions, including internal components like the RAG API (retrieval-augmented generation system that pulls in external documents). This means attackers could potentially use LibreChat to access internal systems they shouldn't reach.
Vulnerability Details
9.1 (critical)
EPSS: 0.2%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-69222
First tracked: February 15, 2026 at 08:50 PM