CVE-2026-44654 | danny-avila LibreChat up to 0.8.4 /api/files authorization (GHSA-f8jg-v856-mf6q)

A vulnerability classified as problematic has been found in danny-avila LibreChat up to 0.8.4. The impacted element is an unknown function of the file /api/files. The manipulation leads to incorrect authorization.

This vulnerability is referenced as CVE-2026-44654. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More