How to fix EUVD-2026-16765?

Within 24 hours: Identify all LibreChat deployments running versions 0.8.2-rc2 through 0.8.2 and assess network exposure of internal APIs and metadata endpoints. Within 7 days: Upgrade all affected instances to LibreChat 0.8.3-rc1 or later. Within 30 days: Conduct network access review to restrict LibreChat service accounts from accessing internal resources not required for operation; implement network segmentation and firewall rules blocking unauthenticated access to cloud metadata endpoints.

EUVD-2026-16765

| CVE-2026-31945 HIGH

2026-03-27 GitHub_M

7.7

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 27, 2026 - 19:45 euvd

EUVD-2026-16765

Analysis Generated

Mar 27, 2026 - 19:45 vuln.today

CVE Published

Mar 27, 2026 - 19:23 nvd

HIGH 7.7

Description

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery (SSRF) attack when using agent actions or MCP. Although a previous SSRF vulnerability (https://github.com/danny-avila/LibreChat/security/advisories/GHSA-rgjq-4q58-m3q8) was reported and patched, the fix only introduced hostname validation. It does not verify whether DNS resolution results in a private IP address. As a result, an attacker can still bypass the protection and gain access to internal resources, such as an internal RAG API or cloud instance metadata endpoints. Version 0.8.3-rc1 contains a patch.

Analysis

Server-side request forgery in LibreChat 0.8.2-rc2 through 0.8.2 allows authenticated users to access internal network resources via incomplete DNS validation bypass. Despite a prior SSRF patch, the current hostname validation fails to check if DNS resolution points to private IP addresses, enabling attackers to reach internal RAG APIs and cloud metadata endpoints. …

Remediation

Within 24 hours: Identify all LibreChat deployments running versions 0.8.2-rc2 through 0.8.2 and assess network exposure of internal APIs and metadata endpoints. Within 7 days: Upgrade all affected instances to LibreChat 0.8.3-rc1 or later. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

EUVD-2026-16765 vulnerability details – vuln.today

Back

EUVD-2026-16765

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-16765

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code