CVE-2025-66201 · HIGH 8.1 · EPSS percentile 15.5%

Description

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.1-rc2, LibreChat is vulnerable to Server-Side Request Forgery (SSRF): an attacker can pass specially crafted OpenAPI specs to its "Actions" feature and make the LLM invoke those actions. An authenticated user with access to this feature could use it to reach URLs accessible only to the LibreChat server (such as cloud metadata services, through which impersonation of the server might be possible). This issue has been patched in version 0.8.1-rc2.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.25% probability of exploitation · percentile 15.5% · 2026-06-19T12:03:05Z
Published: 2025-11-29
Last modified: 2025-12-03

Underlying weaknesses (2)

CWE-20, CWE-918

References

  1. https://github.com/danny-avila/LibreChat/security/advisories/GHSA-7m2q-fjwr-5x8v


Type      | Target                                      | Confidence | Tier
Weakness  | Improper Input Validation (CWE-20)          | 0%         | live
Weakness  | Server-Side Request Forgery (SSRF) (CWE-918) | 0%         | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-69222
CVE: CVE-2026-32625
CVE: CVE-2026-31943
CVE: CVE-2026-22252
CVE: CVE-2026-31942
CVE: CVE-2025-2828

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.