AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-54025: LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability

mediumvulnerability

security

Source: NVD/CVE DatabaseJune 25, 2026CVE-2026-54025

Summary

LibreChat, a ChatGPT-like application that works with multiple AI providers, has a vulnerability in how it displays formatted text (markdown) before version 0.8.4-rc1. The marked library fails to properly escape special characters in image descriptions, allowing an attacker to hide malicious code in those descriptions. When a user views the formatted text, this hidden code executes in their browser without permission.

Solution / Mitigation

This vulnerability is fixed in version 0.8.4-rc1. Users should upgrade LibreChat to this version or later.

Vulnerability Details

CVSS Score

5.4(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

network

Attack Complexity

low

Privileges Required

low

User Interaction

required

Disclosure Date

June 25, 2026

Classification

Attack Type

Jailbreak

Attack SophisticationModerate

Impact (CIA+S)

integrityconfidentiality

Taxonomy References

CWE (Weakness Type)

CWE-79

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

MITRE ATLAS (AI/ML Threat Technique)

Affected Vendors

LangChain

Related Issues

medium

CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e

Same vendorNVD/CVE Database

critical

CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-

Similar attack

Monthly digest — independent AI security research

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-54025

First tracked: June 25, 2026 at 02:11 PM

Classified by LLM (prompt v3) · confidence: 85%