Primary

Context

LibreChat Denial-of-Service Vulnerability in checkBan Middleware

Vulnerability

Patched

A denial-of-service vulnerability has been identified in LibreChat version git a1647d7. The issue allows an unauthenticated attacker to crash the server by sending a crafted payload. The vulnerability arises because the middleware function 'checkBan' lacks proper error handling; unhandled exceptions can lead to server crashes. This issue has been addressed in version 0.7.6.

Impact

Exploitation of this vulnerability causes the server to crash, leading to a denial-of-service condition.

Remediation

Users can upgrade to LibreChat version 0.7.6 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.7

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

2.5

exploitability

7.7

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LibreChat Denial-of-Service Vulnerability in checkBan Middleware

Vulnerability

Impact

Remediation

Affected Products

danny-avila/librechat

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating