CVE-2025-6088

Published: Sep 11, 2025

Modified: Sep 11, 2025

PUBLISHED

CVSS v3.0

4.2

MEDIUM

Description

In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation sharing feature allow unauthorized access to other users' conversations if the conversation ID is known. Although UUIDv4 conversation IDs are generated server-side and are difficult to brute force, they can be obtained from less-protected sources such as server-side access logs, browser history, or screenshots. The vulnerability permits a logged-in user to gain read-only access to another user's conversations by exploiting the `/api/share/conversationID` endpoint, which lacks authorization checks. This issue is resolved in version v0.7.9-rc1.

Vendor	Product	Versions
danny-avila	danny-avila/librechat	affected `unspecified - < v0.7.9-rc1`

Weaknesses (CWE)

CWE-285

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

Low

References

https://huntr.com/bounties/361405bb-a739-41eb-a680-4cb6193e7c76

https://github.com/danny-avila/librechat/commit/3af2666890bbf291cb7b9f3e03592d54714f0ff5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-6088

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References