{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31943", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-10T15:10:10.656Z", "datePublished": "2026-03-27T19:21:50.653Z", "dateUpdated": "2026-03-27T19:21:50.653Z"}, "containers": {"cna": {"title": "LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP", "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "lang": "en", "description": "CWE-918: Server-Side Request Forgery (SSRF)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/danny-avila/LibreChat/security/advisories/GHSA-w5r7-4f94-vp4c", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/danny-avila/LibreChat/security/advisories/GHSA-w5r7-4f94-vp4c"}], "affected": [{"vendor": "danny-avila", "product": "LibreChat", "versions": [{"version": "< 0.8.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-27T19:21:50.653Z"}, "descriptions": [{"lang": "en", "value": "LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests to internal network resources \u2014 including cloud metadata services (e.g., AWS `169.254.169.254`), loopback, and RFC1918 ranges. Version 0.8.3 fixes the issue."}], "source": {"advisory": "GHSA-w5r7-4f94-vp4c", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, `isPrivateIP()` in `packages/api/src/auth/domain.ts` fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests to internal network resources \u2014 including cloud metadata services (e.g., AWS `169.254.169.254`), loopback, and RFC1918 ranges. Version 0.8.3 fixes the issue."}], "id": "CVE-2026-31943", "lastModified": "2026-03-30T13:26:29.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-27T20:16:29.897", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/danny-avila/LibreChat/security/advisories/GHSA-w5r7-4f94-vp4c"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.8.3)"}}], "enrichment": {"confidence": 98.0, "confidence_source": "matching", "scores": [{"score": 98.0, "source": "matching"}]}, "original": {"product": "LibreChat", "source": "cna", "vendor": "danny-avila"}, "product": "libre_chat", "vendor": "danny-avila"}], "analysis": {"en": {"generated_at": "2026-03-27T20:22:18.861441+00:00", "value": {"mitigation_remediation": ["Upgrade LibreChat to version 0.8.3 or newer"], "summary": {"action": "Apply Patch", "impact": "Server Side Request Forgery"}, "threat_synthesis": {"affected_systems": "The issue affects the LibreChat application from the vendor danny-avila. All releases prior to version 0.8.3 are vulnerable. Version 0.8.3 and later include a fix that properly detects IPv4\u2011mapped IPv6 addresses.", "description_and_impact": "LibreChat\u2019s isPrivateIP() function incorrectly ignores IPv4-mapped IPv6 addresses in their hex\u2011normalized form, allowing authenticated users to manipulate the server into making outbound HTTP requests to internal addresses. This bypass enables the attacker to access internal resources such as cloud metadata services, loopback interfaces, or RFC1918 networks, potentially leaking confidential data or facilitating further attacks.", "risk_and_exploitability": "The CVSS score of 8.5 indicates a high severity vulnerability. While the EPSS score is not available and the CVE is not listed in the CISA KEV catalog, exploitation requires an authenticated user and can directly expose internal network services. The vulnerability\u2019s impact is significant, permitting arbitrary internal requests that can lead to data disclosure, credential leakage, or further compromise of the internal network."}}}}, "created": "2026-03-27T20:27:35.357547+00:00", "updated": "2026-03-30T07:00:45.447855+00:00", "vendors": ["danny-avila", "danny-avila$PRODUCT$libre_chat"]}