CVE-2026-54027
Undergoing Analysis Undergoing Analysis - In Progress
Unauthorized File Upload in LibreChat

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: GitHub, Inc.

Description
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any authenticated user to upload files into any agent's tool_resources (e.g., context, execute_code) without verifying ownership or EDIT permission on the target agent. A permission check was added to the POST /api/files route in a previous patch, but the image upload route was never updated with the same check. An attacker can simply use the image endpoint instead of the file endpoint to bypass the authorization entirely. This vulnerability is fixed in 0.8.4-rc1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-06-26
AI Q&A
2026-06-25
EPSS Evaluated
N/A
NVD
CVE-2026-54027
EUVD
EUVD-2026-39462
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
librechat librechat 0.8.4-rc1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in LibreChat versions prior to 0.8.4-rc1. It affects the POST /api/files/images endpoint, which allows any authenticated user to upload files into any agent's tool_resources without verifying if the user owns the agent or has EDIT permissions. Although a permission check was added to the POST /api/files route in a previous patch, the image upload route was not updated with the same check. As a result, an attacker can bypass authorization by using the image upload endpoint instead of the file upload endpoint.

Impact Analysis

This vulnerability can allow an authenticated attacker to upload files into any agent's tool_resources without proper authorization. This unauthorized file upload can lead to unauthorized modification or injection of malicious content into the agent's context or execution environment, potentially compromising the integrity of the system or enabling further attacks.

Mitigation Strategies

To mitigate this vulnerability, upgrade LibreChat to version 0.8.4-rc1 or later, where the issue with the POST /api/files/images endpoint has been fixed by adding proper permission checks.

Compliance Impact

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.

Detection Guidance

This vulnerability can be detected by monitoring or testing the use of the POST /api/files/images endpoint in LibreChat versions 0.8.3 and earlier. Since the issue allows authenticated users to upload files without proper permission checks, attempts to upload files via this endpoint by users without appropriate agent ownership or EDIT permissions indicate exploitation.

To detect potential exploitation on your system or network, you can look for HTTP POST requests to the /api/files/images endpoint from authenticated users who should not have permission to upload files to certain agents.

Suggested commands to detect this activity include using network traffic inspection tools like tcpdump or Wireshark to filter HTTP POST requests to the vulnerable endpoint, or using curl commands to test the endpoint manually if you have authenticated access.

  • Using tcpdump to capture POST requests to /api/files/images: tcpdump -A -s 0 'tcp port 80 or tcp port 443' | grep 'POST /api/files/images'
  • Using curl to test the endpoint (replace AUTH_TOKEN and URL accordingly): curl -X POST https://your-librechat-instance/api/files/images -H 'Authorization: Bearer AUTH_TOKEN' -F '[email protected]'

Additionally, reviewing application logs for unauthorized file uploads via the /api/files/images endpoint can help detect exploitation attempts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-54027. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart