CVE-2025-6088 — LOW (3.1) — White Hats Nepal

Vulnerability Description

In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation sharing feature allow unauthorized access to other users' conversations if the conversation ID is known. Although UUIDv4 conversation IDs are generated server-side and are difficult to brute force, they can be obtained from less-protected sources such as server-side access logs, browser history, or screenshots. The vulnerability permits a logged-in user to gain read-only access to another user's conversations by exploiting the `/api/share/conversationID` endpoint, which lacks authorization checks. This issue is resolved in version v0.7.9-rc1.

CVSS Score

3.1

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Librechat	Librechat	0.7.8

Related Weaknesses (CWE)

CWE-285

References

https://github.com/danny-avila/librechat/commit/3af2666890bbf291cb7b9f3e03592d54Patch
https://huntr.com/bounties/361405bb-a739-41eb-a680-4cb6193e7c76ExploitPatchThird Party Advisory

FAQ

What is CVE-2025-6088?

CVE-2025-6088 is a vulnerability with a CVSS score of 3.1 (LOW). In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation sharing feature allow unauthorized access to other users' conversations if the conversation ID is known. ...

How severe is CVE-2025-6088?

CVE-2025-6088 has been rated LOW with a CVSS base score of 3.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-6088?

Check the references section above for vendor advisories and patch information. Affected products include: Librechat Librechat.