CVE-2024-38791: Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows Server Side Request For
Summary
CVE-2024-38791 is a server-side request forgery (SSRF, a flaw where an attacker tricks a server into making unwanted requests to other systems) vulnerability in the Jordy Meow AI Engine: ChatGPT Chatbot plugin that affects versions up to 2.4.7. The vulnerability allows attackers to exploit this weakness to perform unauthorized actions by manipulating the plugin's server requests.
Vulnerability Details
4.9(medium)
EPSS: 0.6%
Classification
Affected Vendors
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-38791
First tracked: February 15, 2026 at 08:50 PM
Classified by LLM (prompt v3) · confidence: 75%