CVE-2025-69221
PUBLISHED
CVSS 4.3 MEDIUM
LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. An authenticated attacker can read the permissions of arbitrary agents, even if they have no permissions for this agent. LibreChat allows the configuration of agents that have a predefined set of instructions and context. Private agents are not visible to other users. However, if an attacker knows the agent ID, they can read the permissions of the agent including the permissions individually assigned to other users. This issue is fixed in version 0.8.2-rc2.
EPSS 0.04% · 12.0th percentile
Risk Scores
- CVSS v3.1: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
- EPSS Score: 0.04% (12.0th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| librechat | librechat | 0.8.1, 0.8.1 |
| danny-avila | LibreChat | < 0.8.1-rc2 |
Timeline
- Dec 29, 2025 CVE ID Reserved
- Jan 7, 2026 CVE Published
- Jan 7, 2026 CVE Updated
- Jan 8, 2026 EPSS Score
- Jan 11, 2026 EPSS Score
- Jan 14, 2026 EPSS Score
- Jan 17, 2026 EPSS Score
- Jan 21, 2026 EPSS Score
- Jan 24, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score