Access Control Vulnerability in LibreChat by Danny Avila
CVE-2025-69221

4.3MEDIUM

Key Information:

Vendor

Danny-avila

Status
Librechat
Vendor
CVE Published:
7 January 2026

What is CVE-2025-69221?

LibreChat, a ChatGPT clone with enhanced features, has a vulnerability in version 0.8.1-rc2 related to access control. This flaw allows an authenticated attacker to query and read the permissions assigned to arbitrary agents within the system, even if the attacker lacks permission for those agents. Although private agents should remain concealed and only visible to their assigned users, an attacker can exploit this vulnerability by knowing the specific agent ID. This leads to potential exposure of sensitive permissions details. The issue has been addressed in subsequent releases, specifically version 0.8.2-rc2, which fixes the access control weaknesses.

Affected Version(s)

LibreChat < 0.8.1-rc2

References

https://github.com/danny-avila/LibreChat/security/advisor...
x_refsource_CONFIRM
https://github.com/danny-avila/LibreChat/commit/06ba025bd...
x_refsource_MISC
https://github.com/danny-avila/LibreChat/releases/tag/v0....
x_refsource_MISC

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.