CVE-2025-62505 | lobehub lobe-chat up to 1.136.1 tRPC Endpoint tools.search.crawlPages server-side request forgery (GHSA-fgx4-p8xf-qhp9)

A vulnerability described as critical has been identified in lobehub lobe-chat up to 1.136.1. The impacted element is an unknown function of the file tools.search.crawlPages of the component tRPC Endpoint. Executing manipulation can lead to server-side request forgery.

The identification of this vulnerability is CVE-2025-62505. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More