Authentication Bypass in LibreChat Affects User Session Security
CVE-2025-41258

8HIGH

Key Information:

Vendor: Danny-avila
Status: Librechat
Vendor: CVE Published:; 18 March 2026

🔔 Create Danny-avila Vulnerability Alert

What is CVE-2025-41258?

LibreChat version 0.8.1-rc2 suffers from an authentication bypass vulnerability due to the usage of a shared JSON Web Token (JWT) secret for both user sessions and the RAG API. This design flaw potentially allows unauthorized access to the RAG API, undermining its service-level authentication and exposing sensitive user data. It is crucial for users and system administrators to review and apply necessary mitigations to prevent unauthorized access.

Affected Version(s)

LibreChat 0.8.1-rc2

References

https://github.com/sbaresearch/advisories/tree/public/202...

third-party-advisory

https://github.com/danny-avila/LibreChat

product

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 18, 2026
Vulnerability Reserved
Apr 16, 2025

Credit

Lisa Gnedt (SBA Research)

Michael Koppmann (SBA Research)

CVE-2025-41258 Data

JSON