CVE-2025-54868 LibreChat exposes arbitrary chats through Meilisearch engine

LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoin ...

Continue Reading

August 05, 2025

CVE-2025-54868 LibreChat exposes arbitrary chats through Meilisearch engine

LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoin ...

Continue Reading

August 05, 2025

curl: Uncontrolled File Write/Arbitrary File Creation

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

Lichess: Server-Side Request Forgery (SSRF) via Game Export API

The Lichess game export API was found to be vulnerable to Server-Side Request Forgery (SSRF) due to insufficient input validation of the "players" parameter. This allowed an attacker ...

Continue Reading

August 05, 2025

curl: Disk Space Exhaustion leading to a Denial of Service (DoS)

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

August 05, 2025

curl: CVE-2025-5399: WebSocket endless loop

The function curl_ws_send() in libcurl contains an infinite loop that can be triggered by a malicious server under specific circumstances. The loop is caused by a condition in the code that is not pro ...

Continue Reading

August 05, 2025

1 42,540 42,541 42,542 42,543 42,544 385,998

Back to Main
Subscribe for the latest news: