CVE-2026-31950 | danny-avila LibreChat up to 0.8.1 SSE Streaming Endpoint /api/agents/chat/stream/ access control (GHSA-f6rf-vm44-wh5g)

A vulnerability identified as critical has been detected in danny-avila LibreChat up to 0.8.1. This vulnerability affects unknown code of the file /api/agents/chat/stream/ of the component SSE Streaming Endpoint. Performing a manipulation results in improper access controls.

This vulnerability is reported as CVE-2026-31950. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More