CVE-2025-69222 · HIGH 8.1 · EPSS percentile 89.4%

CVE-2025-69222

Description

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery (SSRF) vulnerability because the default configuration places no restrictions on the Actions feature. LibreChat lets users configure agents with predefined instructions and actions that interact with remote services via OpenAPI specifications, supporting various HTTP methods, parameters, and authentication methods including custom headers. By default there are no restrictions on which services can be reached, so agents can also access internal components such as the RAG API included in the default Docker Compose setup. This issue is fixed in version 0.8.1-rc2.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 4.09% probability of exploitation · percentile 89.4% · 2026-06-19T12:03:05Z
Published: 2026-01-07
Last modified: 2026-01-15

Underlying weaknesses (1)

CWE-918

References

  1. https://github.com/danny-avila/LibreChat/commit/3b41e392ba5c0d603c1737d8582875e04eaa6e02
  2. https://github.com/danny-avila/LibreChat/releases/tag/v0.8.2-rc2
  3. https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m3q8

Weakness mapping (1)

| Type     | Target                                         | Confidence | Tier |
|----------|------------------------------------------------|------------|------|
| Weakness | Server-Side Request Forgery (SSRF), cwe-918    | 0%         | live |

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE: CVE-2025-66201
  2. CVE: CVE-2026-22252
  3. CVE: CVE-2026-31943
  4. CVE: CVE-2026-32625
  5. CVE: CVE-2026-31942
  6. CVE: CVE-2025-41258
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.