CVE-2025-66201: LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.1-rc2, LibreChat is vulnerable to Server-sid
Summary
LibreChat, a ChatGPT alternative with extra features, had a vulnerability in versions before 0.8.1-rc2 in its "Actions" feature, which lets a user upload an OpenAPI spec (an interface document describing how to connect to an external service) so that the server will call that service on the user's behalf. An authenticated user could upload a crafted spec whose server URLs pointed at hosts of the attacker's choosing, turning the feature into SSRF (server-side request forgery: the server itself is tricked into sending requests to URLs the user could not reach directly). This could let an attacker reach sensitive services that are only reachable from the server, such as cloud metadata endpoints, and read their responses.
Solution / Mitigation
Update LibreChat to version 0.8.1-rc2 or later, where this issue has been patched.
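Upgrading is the fix. The following is an added illustration, written for this page and not LibreChat's code or its actual patch, of the defensive check this class of bug calls for: before an uploaded OpenAPI spec is accepted, every server URL in it (top-level and the per-path and per-operation overrides OpenAPI 3 allows) is resolved and rejected if it names loopback, private, link-local (which includes the 169.254.169.254 IMDS address) or other non-public space, including when the address is hidden behind an IPv4-mapped IPv6 literal or behind a hostname that resolves to an internal address. The spec, the blocked-hostname list, the `resolver` hook and the fake DNS table are assumptions constructed for the demo so it runs offline.

```python
"""Reject OpenAPI specs whose server URLs point at internal hosts.

Added illustration of the SSRF class described above; not LibreChat's
code or its patch.  The spec layout (OpenAPI 3 ``servers`` lists) is
real; the blocklist, ``resolver`` hook and fake DNS data are assumptions.
"""
import ipaddress
import socket
from typing import Callable, Dict, Iterable, List
from urllib.parse import urlsplit

# Hostnames cloud providers expose metadata under plus loopback aliases. Assumed list.
BLOCKED_HOSTNAMES = {"localhost", "metadata", "metadata.google.internal"}

Resolver = Callable[[str], Iterable[str]]


def system_resolver(host: str) -> List[str]:
    """Resolve a hostname to every address it maps to (A and AAAA records)."""
    infos = socket.getaddrinfo(host, None)
    return sorted({info[4][0] for info in infos})


def _looks_like_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def is_internal_address(addr: str) -> bool:
    """True for loopback, RFC 1918/ULA, link-local (169.254.0.0/16 holds the
    AWS/Azure IMDS address), unspecified, multicast and reserved space."""
    ip = ipaddress.ip_address(addr)
    # ::ffff:169.254.169.254 is the IMDS address in disguise; judge the IPv4 form.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_unspecified or ip.is_multicast or ip.is_reserved)


def server_url_problems(url: str, resolver: Resolver = system_resolver) -> List[str]:
    """Return the reasons this server URL must be rejected; empty list means OK."""
    problems: List[str] = []
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        problems.append(f"scheme {parts.scheme!r} not allowed")
    host = parts.hostname  # lower-cased; brackets already stripped from IPv6 literals
    if not host:
        problems.append("no host (relative or malformed URL)")
        return problems
    if host in BLOCKED_HOSTNAMES or host.endswith((".internal", ".local")):
        problems.append(f"host {host!r} is a blocked internal name")
    try:
        addrs = [host] if _looks_like_ip(host) else list(resolver(host))
    except OSError as exc:  # socket.gaierror is an OSError subclass
        problems.append(f"cannot resolve {host!r}: {exc}")
        return problems
    for addr in addrs:
        if is_internal_address(addr):
            problems.append(f"{host!r} resolves to internal address {addr}")
    return problems


def check_openapi_spec(spec: Dict, resolver: Resolver = system_resolver) -> Dict[str, List[str]]:
    """Map every rejected server URL in the spec to its list of problems."""
    urls = [s.get("url", "") for s in spec.get("servers", [])]
    for path_item in spec.get("paths", {}).values():
        urls += [s.get("url", "") for s in path_item.get("servers", [])]
        for operation in path_item.values():  # per-operation overrides
            if isinstance(operation, dict):
                urls += [s.get("url", "") for s in operation.get("servers", [])]
    rejected = {}
    for url in urls:
        problems = server_url_problems(url, resolver)
        if problems:
            rejected[url] = problems
    return rejected


# Constructed DNS table so the demo runs offline; the public IPs are arbitrary.
FAKE_DNS = {
    "api.example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    # An attacker-controlled name that also resolves to the IMDS address.
    "rebind.attacker.example": ["93.184.216.35", "169.254.169.254"],
}


def fake_resolver(host: str) -> List[str]:
    if host not in FAKE_DNS:
        raise socket.gaierror(f"constructed resolver has no entry for {host!r}")
    return FAKE_DNS[host]


# Constructed malicious spec: four internal targets hidden among one legitimate server.
MALICIOUS_SPEC = {
    "openapi": "3.0.0",
    "info": {"title": "constructed demo", "version": "1"},
    "servers": [
        {"url": "http://169.254.169.254/latest/meta-data/"},
        {"url": "http://[::ffff:169.254.169.254]/latest/meta-data/"},
        {"url": "http://metadata.google.internal/computeMetadata/v1/"},
        {"url": "http://rebind.attacker.example/"},
        {"url": "https://api.example.com/v1"},
    ],
    "paths": {"/x": {"get": {"servers": [{"url": "http://localhost:8080/admin"}]}}},
}

if __name__ == "__main__":
    for url, why in check_openapi_spec(MALICIOUS_SPEC, fake_resolver).items():
        print(url, "->", "; ".join(why))
```

The check has to run on resolved addresses, not just hostname strings, because a spec can name an attacker-controlled domain that resolves to 169.254.169.254. Resolving at validation time still leaves a DNS-rebinding window between the check and the actual request, so in production the same address filter should also be applied to the socket the HTTP client connects to (or the client should be pinned to the validated address), not only to the spec at upload time.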
Vulnerability Details
CVSS score: 8.1 (High)
EPSS: 0.1%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-66201
First tracked: February 15, 2026 at 08:50 PM