CVE Catalog

CVE-2026-54027

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

Vulnerability in LibreChat before version 0.8.4-rc1 allows an authenticated user to upload files to any agent's tool resources (e.g., context, execute code) without verifying ownership or EDIT permission. The authorization bypass is possible by using the image endpoint instead of the file endpoint.

Risk Assessment

An attacker can unauthorizedly modify agent resources, potentially leading to data integrity compromise, privilege escalation, or execution of malicious code in the agent's context.

Recommendation

Immediately update LibreChat to version 0.8.4-rc1 or later, which includes a fix adding permission verification for the image upload endpoint.

Original NVD description (English source)

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any authenticated user to upload files into any agent's tool_resources (e.g., context, execute_code) without verifying ownership or EDIT permission on the target agent. A permission check was added to the POST /api/files route in a previous patch, but the image upload route was never updated with the same check. An attacker can simply use the image endpoint instead of the file endpoint to bypass the authorization entirely. This vulnerability is fixed in 0.8.4-rc1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS