Vulnerabilidades en danny-avila
48 resultadosCVE-2026-54027MEDIUMLibreChat: Image Upload Route Bypasses Agent Permission Check — Incomplete Fix for File Upload AuthorizationEPSS 0.2%CVE-2026-54036MEDIUMLibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP VerificationEPSS 0.2%CVE-2025-66452MEDIUMLibreChat's lack of JSON parsing error handling can lead to XSSEPSS 0.2%CVE-2025-66450HIGHLibreChat JSON Injection in Chat POST Allows Remote Resource Inclusion and PXSS via Image UploadEPSS 0.2%CVE-2026-54040MEDIUMLibreChat: 2FA Backup Code Regeneration Without OTP Verification Allows 2FA BypassEPSS 0.2%CVE-2026-54029MEDIUMLibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User FilterEPSS 0.2%CVE-2026-54025MEDIUMLibreChat: Stored XSS via unescaped image alt text in markdown artifact previewEPSS 0.1%CVE-2026-54030HIGHLibreChat: Missing Resource Parameter Validation in MCP OAuth FlowEPSS 0.1%