Description
In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API.
Published: 2026-03-18
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unrestricted access to the RAG API via JWT reuse
Action: Immediate Patch
AI Analysis

Impact

An authenticated LibreChat user can retrieve a JSON Web Token that authorizes them to call the RAG API, bypassing the intended separation between the LibreChat API and the RAG API. Because the token can be used to invoke any operation that the RAG API supports, an attacker might read, update, or delete RAG‑specific data, thereby impacting confidentiality and integrity. The flaw is classified as CWE‑669, an unintended cross‑component access control violation. Based on the description, it is inferred that the misuse of the token would allow the attacker to perform the full set of RAG API actions, which could include sensitive data exposure or alteration.

Affected Systems

The vulnerability targets LibreChat version 0.8.1‑rc2, affecting all deployments of that release on any platform. The issue resides in the token issuance endpoint for that specific release; newer stable releases that contain the fixed logic are not affected at this time.

Risk and Exploitability

The CVSS score of 6.3 denotes medium severity, while the EPSS score of less than 1% indicates a low likelihood of exploitation currently. The attack vector requires the user to be already authenticated to the application, so it is local from an attacker’s perspective (or requires compromised credentials). No public exploits are documented, as the vulnerability is not listed in CISA’s KEV catalog. Nonetheless, the potential for data compromise or policy violation remains significant for organizations running the affected version.

Generated by OpenCVE AI on March 24, 2026 at 19:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade LibreChat to the latest stable release that includes the fixed token issuance logic
  • If an update is not immediately available, revoke any existing RAG API JWTs issued by the vulnerable release and enforce stricter token generation rules
  • Restrict network access to the RAG API to trusted hosts or internal segments via firewall or API gateway controls

Generated by OpenCVE AI on March 24, 2026 at 19:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
Title LibreChat 0.8.1-rc2 JWT Retrieval Lapse Leading to RAG API Authentication Bypass

Tue, 24 Mar 2026 18:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:librechat:librechat:0.8.1:rc2:*:*:*:*:*:*

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title LibreChat 0.8.1-rc2 JWT Retrieval Lapse Leading to RAG API Authentication Bypass

Thu, 19 Mar 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Librechat
Librechat librechat
Vendors & Products Librechat
Librechat librechat

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 18 Mar 2026 11:30:00 +0000

Type Values Removed Values Added
Description In LibreChat 0.8.1-rc2, a logged-in user obtains a JWT for both the LibreChat API and the RAG API.
Weaknesses CWE-669
References
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L'}

Subscriptions

Librechat Librechat
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-18T14:04:31.080Z

Reserved: 2026-03-18T11:17:44.668Z

Link: CVE-2026-33265

cve-icon Vulnrichment

Updated: 2026-03-18T14:03:20.385Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-18T12:16:19.850

Modified: 2026-03-24T18:40:34.633

Link: CVE-2026-33265

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T11:52:49Z

Weaknesses