High severity (8.5) · NVD Advisory · Published Mar 27, 2026 · Updated Mar 31, 2026
CVE-2026-31943
Description
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP() in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests to internal network resources — including cloud metadata services (e.g., AWS 169.254.169.254), loopback, and RFC1918 ranges. Version 0.8.3 fixes the issue.
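The defect described above is a normalization gap: the private-range check sees the IPv6 spelling ::ffff:a9fe:a9fe and does not recognize it as 169.254.169.254. The following is an added example of a hardened check, written for this page and not LibreChat's own isPrivateIP() (the project's actual fix in 0.8.3 may differ). It assumes the function receives a literal IP address (i.e. the caller has already resolved any hostname), expands every IPv6 address to its eight 16-bit groups, folds the IPv4-mapped ::ffff:0:0/96 block back to its IPv4 value, and only then applies the range tests. The list of ranges treated as private (RFC1918, loopback, link-local, unique-local and the unspecified address) is this example's own choice; anything unparseable is rejected rather than allowed.

```typescript
import * as net from "net";

// Added example (not LibreChat code): normalize first, then classify.

// Dotted-quad IPv4 -> unsigned 32-bit integer.
function ipv4ToInt(ip: string): number {
  const o = ip.split(".").map(Number);
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

// Expand an IPv6 literal into eight 16-bit groups. Handles "::" compression,
// an optional zone index, and a trailing embedded dotted quad
// (::ffff:169.254.169.254) so both spellings of a mapped address collapse
// to the same groups as the hex form (::ffff:a9fe:a9fe).
function expandIPv6(ip: string): number[] | null {
  if (!net.isIPv6(ip)) return null;
  let s = ip;
  const pct = s.indexOf("%");
  if (pct !== -1) s = s.slice(0, pct); // drop zone index, e.g. fe80::1%eth0
  const lastColon = s.lastIndexOf(":");
  const tail = s.slice(lastColon + 1);
  if (tail.includes(".")) {
    // Mixed notation: rewrite the dotted quad as two hex groups.
    const v4 = ipv4ToInt(tail);
    s = s.slice(0, lastColon + 1) + (v4 >>> 16).toString(16) + ":" + (v4 & 0xffff).toString(16);
  }
  const halves = s.split("::");
  const head = halves[0] ? halves[0].split(":") : [];
  const rest = halves.length > 1 && halves[1] ? halves[1].split(":") : [];
  const missing = 8 - head.length - rest.length;
  if (missing < 0 || (halves.length === 1 && missing !== 0)) return null;
  const groups: string[] = [...head, ...Array(missing).fill("0"), ...rest];
  return groups.map((g) => parseInt(g, 16));
}

// IPv4 ranges that must never be reachable from a server-side fetch.
function isPrivateIPv4(v4: number): boolean {
  return (
    v4 >>> 24 === 10 ||        // 10.0.0.0/8      (RFC1918)
    v4 >>> 20 === 0xac1 ||     // 172.16.0.0/12   (RFC1918)
    v4 >>> 16 === 0xc0a8 ||    // 192.168.0.0/16  (RFC1918)
    v4 >>> 24 === 127 ||       // 127.0.0.0/8     loopback
    v4 >>> 16 === 0xa9fe ||    // 169.254.0.0/16  link-local, incl. cloud metadata
    v4 >>> 24 === 0            // 0.0.0.0/8       "this" network
  );
}

// Hardened check: every input is canonicalized before the range tests run.
function isPrivateIP(ip: string): boolean {
  if (net.isIPv4(ip)) return isPrivateIPv4(ipv4ToInt(ip));
  const g = expandIPv6(ip);
  if (!g) return true; // not an IP literal at all: fail closed
  // IPv4-mapped (::ffff:0:0/96): delegate to the IPv4 rules regardless of spelling.
  if (g.slice(0, 5).every((x) => x === 0) && g[5] === 0xffff) {
    return isPrivateIPv4(((g[6] << 16) | g[7]) >>> 0);
  }
  if (g.every((x) => x === 0)) return true;                          // ::
  if (g.slice(0, 7).every((x) => x === 0) && g[7] === 1) return true; // ::1
  if ((g[0] & 0xfe00) === 0xfc00) return true;                       // fc00::/7 unique local
  if ((g[0] & 0xffc0) === 0xfe80) return true;                       // fe80::/10 link-local
  return false;
}

// Constructed sample inputs for a stand-alone run.
const samples = ["169.254.169.254", "::ffff:169.254.169.254", "::ffff:a9fe:a9fe", "8.8.8.8", "::ffff:808:808"];
for (const s of samples) console.log(s.padEnd(26), isPrivateIP(s) ? "blocked" : "allowed");
```

The key line is the IPv4-mapped branch: because classification happens on the expanded groups rather than on the string, the dotted, hex, upper-case and compressed spellings of one address all reach the same range test. When adding this kind of check to an outbound-request path, run it on the resolved address immediately before the connection is opened, not only on the user-supplied hostname.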
Affected products: 3
Patches: 0 (no patches discovered yet)
References
- github.com/danny-avila/LibreChat/security/advisories/GHSA-w5r7-4f94-vp4c (Vendor Advisory; NVD tag: Exploit)