VYPR

apk package

chainguard/librechat

pkg:apk/chainguard/librechat

Vulnerabilities (128)

  • CVE-2026-54288Jun 16, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    ### Summary The Body Limit Middleware trusts the request's `Content-Length` header to decide whether a body is within the limit. On AWS Lambda (API Gateway v1/v2, ALB, VPC Lattice, and Lambda@Edge) the body is delivered fully buffered and the adapter builds the request with the

  • CVE-2026-54289Jun 16, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    ### Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with `Headers.set` instead of `Headers.append`, so every value overwrites the previous one and only the last reaches the ap

  • CVE-2026-54290higJun 16, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    ### Summary With `credentials: true` and no explicit `origin` (the default wildcard), the CORS Middleware reflects the request's `Origin` and sends `Access-Control-Allow-Credentials: true`. Any site can then make credentialed cross-origin requests and read the responses, exposin

  • CVE-2026-54286Jun 16, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    ### Summary On Windows hosts, an encoded backslash (`%5C`) in the request path decodes to `\`, which the Windows path resolver treats as a separator. `serve-static` then resolves a single URL segment such as `admin\secret.txt` into a nested file under the root and serves it, let

  • CVE-2026-54287Jun 16, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    ### Summary On AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple `Set-Cookie` headers into one comma-separated value. Because commas also appear inside cookie attributes (for example `Expires` dates), clients cannot split the value back int

  • CVE-2026-49978Jun 15, 2026
    affected < 0.8.7-r1fixed 0.8.7-r1

    If the HTML you give it contains a element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript:

  • CVE-2026-49459Jun 15, 2026
    affected < 0.8.7-r1fixed 0.8.7-r1

    # IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM **CWE**: CWE-79 (XSS — Improper Neutralization of Input During Web Page Generation) via CWE-693 (Protection Mechanism Failure — silent no-op when `_forceRemove` is cal

  • CVE-2026-12143HigJun 12, 2026
    affected < 0.8.6-r4fixed 0.8.6-r4

    form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the `field` argument to `FormData#append` and the `filename` option are concatenated verbatim into the `Content-Disposition` header without escaping carriage return (CR), line fee

  • CVE-2026-44494HigJun 11, 2026
    affected < 0.8.6-r1fixed 0.8.6-r1

    Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into a full Man-

  • CVE-2026-44492HigJun 11, 2026
    affected < 0.8.6-r1fixed 0.8.6-r1

    Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form (::ffff:7f00:

  • CVE-2026-44490MedJun 11, 2026
    affected < 0.8.6-r1fixed 0.8.6-r1

    Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream dependency in the same process (e.g. lodash _.merge / CVE-2018-16487), axios sil

  • CVE-2026-44489LowJun 11, 2026
    affected < 0.8.6-r1fixed 0.8.6-r1

    Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge() (e.g., config.proxy) are still constructed as plain {} with Object.prototype in their chain. The setProxy() function at lib/adapters/http.js:209

  • CVE-2026-41159MedMay 29, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily c

  • CVE-2026-41150MedMay 29, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exclude all dates. mermaid.parse is unaffect

  • CVE-2026-45134HigMay 27, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull methods (pull_prompt / pull_prompt_commit in Python, pullPrompt / pullPromptCommit in JS/TS) fetch and deserialize

  • CVE-2026-44902HigMay 27, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default 0.0.0.0:9464) has no error handling around URL parsing, so a requ

  • CVE-2026-41149MedMay 22, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive i

  • CVE-2026-41148MedMay 22, 2026
    affected < 0.8.4-r7fixed 0.8.4-r7

    Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and prior, in addition to 11.0.0-alpha.1 through 11.12.0 are vulnerable to CSS injection through improper sanitization. The state diagram (and any other diagram

  • CVE-2026-45740MedMay 13, 2026
    affected < 0.8.5-r1fixed 0.8.5-r1

    protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON() and Namespace.addJSON(). A crafted JSON descriptor with deeply nested

  • CVE-2026-44459LowMay 13, 2026
    affected < 0.8.4-r6fixed 0.8.4-r6

    Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, improper validation of the JWT NumericDate claims exp, nbf, and iat in hono/utils/jwt allows tokens with non-spec-compliant claim values to silently bypass time-based checks. T

Page 1 of 7