NIXPKGS-2026-0963

GitHub issue published on

Permalink CVE-2026-34371

6.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): NONE

updated 3 weeks, 5 days ago by @LeSuisse Activity log

Created suggestion 3 weeks, 5 days ago
@LeSuisse deleted maintainer @niklaskorz 3 weeks, 5 days ago maintainer.delete
@LeSuisse accepted 3 weeks, 5 days ago
@LeSuisse published on GitHub 3 weeks, 5 days ago

LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the execute_code sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences (for example, ../../../../../app/client/dist/poc.txt) is concatenated into the server-side destination path and written with fs.writeFileSync() without sanitization. This gives any user who can trigger execute_code an arbitrary file write primitive as the LibreChat server user. This vulnerability is fixed in 0.8.4.

References

https://github.com/danny-avila/LibreChat/security/advisories/GHSA-qrm5-r67f-6692 x_refsource_CONFIRM

Affected products

LibreChat

==< 0.8.4

Matching in nixpkgs

pkgs.librechat

Open-source app for all your AI conversations, fully customizable and compatible with any AI provider

nixos-unstable 0.8.4
- nixpkgs-unstable 0.8.4
- nixos-unstable-small 0.8.4
nixos-25.11 0.8.0
- nixos-25.11-small 0.8.0
- nixpkgs-25.11-darwin 0.8.0

Package maintainers

Ignored maintainers (1)

@niklaskorz Niklas Korz <nixpkgs@korz.dev>

Nixpkgs security tracker

Details of issue NIXPKGS-2026-0963

References

Affected products

Matching in nixpkgs

pkgs.librechat

Package maintainers