EUVD-2026-16767
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint `/api/agents/chat/stream/:streamId` does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and read another user's real-time chat content, including messages, AI responses, and tool invocations. Version 0.8.2 patches the issue.
Analysis
Unauthenticated stream hijacking in LibreChat versions 0.8.2-rc2 through 0.8.2-rc3 allows authenticated users to read other users' real-time chat conversations via the SSE streaming endpoint `/api/agents/chat/stream/:streamId` without ownership verification. An attacker with valid credentials can enumerate or guess stream IDs to intercept sensitive messages, AI-generated responses, and tool invocation data from arbitrary users. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 30 days: Identify affected systems running versions 0.8.2-rc2 and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today