Filtered by vendor Librechat Subscriptions
Filtered by product Librechat Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-52787 1 Librechat 1 Librechat 2024-11-27 9.1 Critical
An issue in the upload_documents method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file.
CVE-2024-41704 1 Librechat 1 Librechat 2024-11-21 9.8 Critical
LibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images.
CVE-2024-41703 1 Librechat 1 Librechat 2024-11-21 9.8 Critical
LibreChat through 0.7.4-rc1 has incorrect access control for message updates.