CVE-2026-34371 | danny-avila LibreChat up to 0.8.3 writeFileSync path traversal

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability labeled as critical has been found in danny-avila LibreChat up to 0.8.3. Affected by this vulnerability is the function writeFileSync. Executing a manipulation can lead to path traversal.

This vulnerability is registered as CVE-2026-34371. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.

CVE-2026-34371 | danny-avila LibreChat up to 0.8.3 writeFileSync path traversal

Post correlati

CVE-2026-34787 | Emlog up to 2.6.2 admin/plugin.php require_once plugin filename control (GHSA-7mvq-qj5x-5phm)

CVE-2024-0942 | Totolink /cgi-bin/cstecgi.cgi session expiration

CVE-2024-6470 | playSMS 1.4.3 Template index.php Receiver Number injection

CVE-2023-48799 | Totolink X6000R 9.4.0cu.852_B20230719 Privilege Escalation