Vulnerabilidades en danny-avila
48 resultadosCVE-2025-69222CRITICALLibreChat is vulnerable to Server-Side Request Forgery due to missing restrictionsEPSS 4.1%CVE-2026-22252CRITICALLibreChat MCP Stdio Remote Command ExecutionEPSS 3.7%CVE-2026-32625CRITICALLibreChat Exfiltrates Server Secrets via MCP Server URL InjectionEPSS 2.9%CVE-2024-11170HIGHPath Traversal in danny-avila/librechatEPSS 1.6%CVE-2024-10361HIGHArbitrary File Deletion via Path Traversal in danny-avila/librechatEPSS 0.9%CVE-2024-11169HIGHUnhandled Exception Leading to Server Crash in danny-avila/librechatEPSS 0.9%CVE-2024-11172HIGHDenial of Service in danny-avila/librechatEPSS 0.9%CVE-2024-11173MEDIUMUnhandled Exception in danny-avila/librechatEPSS 0.8%CVE-2024-11171HIGHImproper Input Validation in danny-avila/librechatEPSS 0.8%CVE-2024-11167CRITICALImproper Access Control in danny-avila/librechatEPSS 0.5%CVE-2024-12580MEDIUMLogs Debug Injection in danny-avila/librechatEPSS 0.5%CVE-2025-8848MEDIUMHTML Injection in Accept-Language Header in danny-avila/librechatEPSS 0.4%CVE-2025-8850LOWInsecure API Design in danny-avila/librechatEPSS 0.4%CVE-2026-31949MEDIUMLibreChat Denial of Service (DoS) via Unhandled Exception in DELETE /api/convosEPSS 0.4%CVE-2025-54868HIGHLibreChat exposes arbitrary chats through Meilisearch engineEPSS 0.4%CVE-2024-10359MEDIUMMass Assignment in Preset Creation Allows User ID Manipulation in danny-avila/librechatEPSS 0.3%CVE-2024-10366HIGHIDOR in delete attachments in danny-avila/librechatEPSS 0.3%CVE-2025-41258HIGHLibreChat RAG API Authentication BypassEPSS 0.3%CVE-2024-10363MEDIUMImproper Access Control in danny-avila/LibreChatEPSS 0.3%CVE-2025-8849MEDIUMDenial of Service in danny-avila/librechatEPSS 0.3%