CVE-2025-7104

HIGH

danny-avila/librechat - Mass Assignment

Title source: llm

Description

A mass assignment vulnerability exists in danny-avila/librechat, affecting all versions. This vulnerability allows attackers to manipulate sensitive fields by automatically binding user-provided data to internal object properties or database fields without proper filtering. As a result, any extra fields in the request body are included in agentData and passed to the database layer, allowing overwriting of any field in the schema, such as author, access_level, isCollaborative, and projectIds. Additionally, the Object.Prototype can be polluted due to the use of Object.assign with spread operators.

References (2)

[Patch] https://github.com/danny-avila/librechat/commit/a37bf6719cfbc2de270f7d87b6b85d87cc1768db

View Patch ZIP pw:eip

[Exploit, Patch, Third Party Advisory] https://huntr.com/bounties/32a175c4-7543-4503-a3d0-7880abd1826b

Scores

CVSS v3 7.5

EPSS 0.0005

EPSS Percentile 15.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-915

Status published

Products (1)

librechat/librechat < 0.7.9

Published Sep 29, 2025

Tracked Since Feb 18, 2026