CVE-2026-54033 | danny-avila LibreChat up to 0.8.4 API Endpoint server-side request forgery (GHSA-gc9r-88c3-7qhq)

A vulnerability was found in danny-avila LibreChat. It has been classified as critical. This vulnerability affects unknown code of the component API Endpoint. Performing a manipulation results in server-side request forgery.

This vulnerability is cataloged as CVE-2026-54033. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More