Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| LibreChat | RAG API | affected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Librechat | Rag Api | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 29 Mar 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-107 CWE-20 |
Fri, 27 Mar 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-107 CWE-15 |
Fri, 27 Mar 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-107 CWE-15 |
Fri, 27 Mar 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-117 |
Thu, 26 Mar 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-117 |
Wed, 25 Mar 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-532 |
Wed, 25 Mar 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-532 |
Wed, 25 Mar 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-79 CWE-89 |
Tue, 24 Mar 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-79 CWE-89 |
Tue, 17 Mar 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Tue, 17 Mar 2026 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Librechat
Librechat rag Api |
|
| Vendors & Products |
Librechat
Librechat rag Api |
Mon, 16 Mar 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 16 Mar 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries. | |
| Title | LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2026-03-17T17:15:16.494Z
Reserved: 2026-03-16T15:25:58.025Z
Link: CVE-2026-4276
Vulnrichment
Updated: 2026-03-16T16:22:47.436Z
NVD
Status : Awaiting Analysis
Published: 2026-03-16T16:16:18.723
Modified: 2026-03-17T18:16:17.670
Link: CVE-2026-4276
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-03-29T20:29:08Z