Vulnerabilities

Report: CVE-2025-41258 - LibreChat RAG API Authentication Bypass

2026-03-18 0 views admin

CVE ID :CVE-2025-41258 Published : March 18, 2026, 11:08 a.m. | 54 minutes ago Description :LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API. Severity: 8.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-41258

Severity

HIGH

Published

March 18, 2026

🏷️ Tags

report41258librechatauthenticationbypasspublishedminutesdescriptioncve

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2025-41258 - LibreChat RAG API Authentication Bypass

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Latest: CVE-2026-5012 - elecV2 elecV2P rpc pm2run os command injection

Report: Complete Guide to CVE-2025-15604 - Amon2 versions before 6.17 for Perl use an insecure random_string implementation...

Report: Latest: CVE-2026-5007 - kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os ...

Report: CVE-2026-3256 - HTTP::Session versions through 0.53 for Perl defaults to using insecurely generat

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting