apk package

chainguard/librechat

pkg:apk/chainguard/librechat

Vulnerabilities (112)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-44459	Low	3.8	< 0.8.4-r6	0.8.4-r6	May 13, 2026	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. T
CVE-2026-44458	Med	4.3	< 0.8.4-r6	0.8.4-r6	May 13, 2026	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS de
CVE-2026-44457	Med	5.3	< 0.8.4-r6	0.8.4-r6	May 13, 2026	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticate
CVE-2026-44456	Med	6.5	< 0.8.4-r6	0.8.4-r6	May 13, 2026	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, bodyLimit() does not reliably enforce maxSize for requests without a usable Content-Length (e.g. Transfer-Encoding: chunked). Oversized requests can reach handlers and return 2
CVE-2026-44455	Med	4.7	< 0.8.4-r6	0.8.4-r6	May 13, 2026	Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, Improper handling of JSX element tag names in hono/jsx allowed unvalidated tag names to be directly inserted into the generated HTML output. When untrusted input is used as a t
CVE-2026-44294	Med	5.3	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped before being embedded int
CVE-2026-44293	Hig	8.8	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript for toObject conversion could include an unsafe expression derived from a schema-controlled bytes field default value. A crafted descriptor with a no
CVE-2026-44292	Med	5.3	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the __proto__ key. If an application constructed a message
CVE-2026-44291	Hig	8.1	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted,
CVE-2026-44290	Hig	7.5	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause optio
CVE-2026-44289	Hig	7.5	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated decoding of nested message fields.
CVE-2026-44288	Med	5.3	< 0.8.4-r7	0.8.4-r7	May 13, 2026	protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can
CVE-2026-45134	hig	—	< 0.8.4-r7	0.8.4-r7	May 13, 2026	## Description The LangSmith SDK's prompt pull methods (`pull_prompt` / `pull_prompt_commit` in Python, `pullPrompt` / `pullPromptCommit` in JS/TS) fetch and deserialize prompt manifests from the LangSmith Hub. These manifests may contain serialized LangChain objects and model c
CVE-2026-42338	Med	6.1	< 0.8.4-r6	0.8.4-r6	May 12, 2026	ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group() and Address6.link() do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage (emi
CVE-2026-41159		—	< 0.8.4-r7	0.8.4-r7	May 11, 2026	### Impact Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the `fontFamily`, `themeCSS`, and `altFontFamily` configuration options. Live demo: [mermaid.live](https://mermaid.live/edit#pako:eNpNjktLxDAUhf9KvFBR6JS-60QQfODKlUvJ
CVE-2026-41150		—	< 0.8.4-r7	0.8.4-r7	May 11, 2026	### Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the [`excludes` attribute](https://mermaid.js.org/syntax/gantt.html?#excludes) to exclude all dates. Example: ``` gantt excludes monday,tuesday,wedne
CVE-2026-41149		—	< 0.8.4-r7	0.8.4-r7	May 11, 2026	### Impact Under the default configuration, Mermaid state diagram's `classDef` allow DOM injection that escapes the SVG, although `` tags are removed, preventing XSS. #### Proof-of-concept ``` stateDiagram-v2 classDef xss fill:red*{x:x;y:y;overfl
CVE-2026-41148		—	< 0.8.4-r7	0.8.4-r7	May 11, 2026	### Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures `classDef` values with an unrestricted regex: ```jison // packages/mermaid/src/diagrams/state/parser/state
CVE-2026-44902	hig	—	< 0.8.4-r7	0.8.4-r7	May 11, 2026	## Summary A single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default `0.0.0.0:9464`) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught `TypeError` that t
CVE-2026-42264	Hig	7.4	< 0.8.4-r6	0.8.4-r6	May 8, 2026	Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties (auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser) in the HTTP adapter are read via direct property access without hasOwnPropert

CVE-2026-44459LowMay 13, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. T
CVE-2026-44458MedMay 13, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS de
CVE-2026-44457MedMay 13, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, Cache Middleware does not skip caching for responses that declare per-user variance via Vary: Authorization or Vary: Cookie. As a result, a response cached for one authenticate
CVE-2026-44456MedMay 13, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, bodyLimit() does not reliably enforce maxSize for requests without a usable Content-Length (e.g. Transfer-Encoding: chunked). Oversized requests can reach handlers and return 2
CVE-2026-44455MedMay 13, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, Improper handling of JSX element tag names in hono/jsx allowed unvalidated tag names to be directly inserted into the generated HTML output. When untrusted input is used as a t
CVE-2026-44294MedMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped before being embedded int
CVE-2026-44293HigMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript for toObject conversion could include an unsafe expression derived from a schema-controlled bytes field default value. A crafted descriptor with a no
CVE-2026-44292MedMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the __proto__ key. If an application constructed a message
CVE-2026-44291HigMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted,
CVE-2026-44290HigMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause optio
CVE-2026-44289HigMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated decoding of nested message fields.
CVE-2026-44288MedMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can
CVE-2026-45134higMay 13, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
## Description The LangSmith SDK's prompt pull methods (`pull_prompt` / `pull_prompt_commit` in Python, `pullPrompt` / `pullPromptCommit` in JS/TS) fetch and deserialize prompt manifests from the LangSmith Hub. These manifests may contain serialized LangChain objects and model c
CVE-2026-42338MedMay 12, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group() and Address6.link() do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage (emi
CVE-2026-41159May 11, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
### Impact Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the `fontFamily`, `themeCSS`, and `altFontFamily` configuration options. Live demo: [mermaid.live](https://mermaid.live/edit#pako:eNpNjktLxDAUhf9KvFBR6JS-60QQfODKlUvJ
CVE-2026-41150May 11, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
### Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the [`excludes` attribute](https://mermaid.js.org/syntax/gantt.html?#excludes) to exclude all dates. Example: ``` gantt excludes monday,tuesday,wedne
CVE-2026-41149May 11, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
### Impact Under the default configuration, Mermaid state diagram's `classDef` allow DOM injection that escapes the SVG, although `` tags are removed, preventing XSS. #### Proof-of-concept ``` stateDiagram-v2 classDef xss fill:red*{x:x;y:y;overfl
CVE-2026-41148May 11, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
### Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures `classDef` values with an unrestricted regex: ```jison // packages/mermaid/src/diagrams/state/parser/state
CVE-2026-44902higMay 11, 2026
affected < 0.8.4-r7fixed 0.8.4-r7
## Summary A single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default `0.0.0.0:9464`) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught `TypeError` that t
CVE-2026-42264HigMay 8, 2026
affected < 0.8.4-r6fixed 0.8.4-r6
Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties (auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser) in the HTTP adapter are read via direct property access without hasOwnPropert

Page 1 of 6