Description
LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. An attacker can use this to make arbitrary outbound requests from LobeHub's infrastructure, leak Vercel deployment details, and inject cookies on the lobehub.com domain through reflected Set-Cookie headers. This vulnerability is fixed in 2.1.57.
Published: 2026-06-23
Score: 9 Critical
EPSS: 1.8% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerable /webapi/proxy endpoint accepted a URL supplied in the POST body and fetched it server‑side without requiring any authentication. This Server‑Side Request Forgery permits an attacker to direct the LobeHub server to contact arbitrary external or internal destinations, potentially leaking Vercel deployment details and enabling reflected Set‑Cookie header injection that can affect the lobehub.com domain.

Affected Systems

All LobeHub installations supplied by the lobehub vendor with versions prior to 2.1.57. The vulnerability resides in the /webapi/proxy endpoint exposed on app.lobehub.com.

Risk and Exploitability

The CVSS score of 9 indicates a critical severity. Because the endpoint is unauthenticated, any remote system that can reach the API can trigger exploitation. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. An attacker can initiate arbitrary outbound requests, exfiltrate data, or inject malicious Set‑Cookie headers, making this flaw highly actionable by threat actors.

Generated by OpenCVE AI on June 24, 2026 at 10:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the LobeHub instance to version 2.1.57 or later where the /webapi/proxy endpoint is removed or protected by authentication.
  • If immediate upgrade is not feasible, block outbound HTTP requests from the application server or restrict access to the /webapi/proxy endpoint until remediation is applied.
  • Review outbound network policies to ensure no other vulnerable proxy endpoints remain exposed.

Generated by OpenCVE AI on June 24, 2026 at 10:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-xmwj-c75x-6346 LobeHub: Unauthenticated SSRF in `/webapi/proxy`
History

Tue, 23 Jun 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Lobehub
Lobehub lobehub
Vendors & Products Lobehub
Lobehub lobehub

Tue, 23 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 23 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
Description LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. An attacker can use this to make arbitrary outbound requests from LobeHub's infrastructure, leak Vercel deployment details, and inject cookies on the lobehub.com domain through reflected Set-Cookie headers. This vulnerability is fixed in 2.1.57.
Title LobeHub: Unauthenticated SSRF in `/webapi/proxy`
Weaknesses CWE-918
References
Metrics cvssV3_1

{'score': 9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H'}

Subscriptions

Lobehub Lobehub
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-23T18:28:48.372Z

Reserved: 2026-06-11T21:15:33.872Z

Link: CVE-2026-54157

cve-icon Vulnrichment

Updated: 2026-06-23T18:28:43.071Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T11:00:13Z

Weaknesses
  • CWE-918

    Server-Side Request Forgery (SSRF)