CVE ID :CVE-2026-34371 Published : April 7, 2026, 9:08 p.m. | 45 minutes ago Description :LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the execute_code sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences (for example, ../../../../../app/client/dist/poc.txt) is concatenated into the server-side destination path and written with fs.writeFileSync() without sanitization. This gives any user who can trigger execute_code an arbitrary file write primitive as the LibreChat server user. This vulnerability is fixed in 0.8.4. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...