CVE-2026-54029
Analyzed Analyzed - Analysis Complete

Stored Message Deletion in LibreChat

Vulnerability report for CVE-2026-54029, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-06-29

Assigner: GitHub, Inc.

Description

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId belongs to the requesting user, but the handler calls deleteMessages({ messageId }) using only the messageId as the MongoDB filter β€” without adding a user constraint. An attacker provides their own valid conversationId (to pass validation) and the victim's messageId (to target deletion), resulting in permanent, irrecoverable message deletion. This vulnerability is fixed in 0.8.4-rc1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-06-29
Generated
2026-07-16
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
librechat librechat to 0.8.3 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-54029 is an Insecure Direct Object Reference (IDOR) vulnerability in the LibreChat application affecting the message deletion functionality.

The vulnerability occurs because the deleteMessages() function only uses the message ID as a filter without verifying if the message belongs to the requesting user.

An attacker who is an authenticated user can provide their own valid conversation ID to pass validation and the victim's message ID to delete messages that do not belong to them.

This results in permanent and irrecoverable deletion of any message in the system.

Compliance Impact

This vulnerability allows any authenticated user to permanently delete messages belonging to other users without proper authorization, leading to potential evidence tampering, data loss, and service disruption.

Such unauthorized deletion of user data can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require maintaining data integrity, ensuring proper access controls, and protecting user data from unauthorized modification or deletion.

Specifically, the inability to prevent unauthorized message deletion may violate principles of data integrity and accountability mandated by these standards.

Impact Analysis

This vulnerability can lead to evidence tampering, service disruption, and data loss.

Since messages are permanently removed from the MongoDB database without soft-deletion, deleted messages cannot be recovered.

An attacker exploiting this flaw can delete important messages belonging to other users, potentially causing loss of critical information and impacting the integrity of communications.

Detection Guidance

This vulnerability can be detected by monitoring API requests to the DELETE /api/messages/:conversationId/:messageId endpoint for suspicious activity where an authenticated user attempts to delete messages that do not belong to their own conversation.

Specifically, detection involves checking if the messageId being deleted does not correspond to the requesting user's messages, indicating potential exploitation of the IDOR vulnerability.

Commands or methods to detect this might include analyzing server logs or MongoDB query logs for DELETE requests with mismatched user and message ownership.

  • Use MongoDB queries to audit deletions, for example: db.messages.find({ _id: ObjectId(messageId), userId: { $ne: requestingUserId } }) to identify deletions of messages not owned by the user.
  • Monitor HTTP access logs for DELETE requests to /api/messages/ and correlate conversationId and messageId with authenticated user sessions.
Mitigation Strategies

The immediate mitigation step is to upgrade LibreChat to version 0.8.4-rc1 or later, where this vulnerability has been fixed by properly adding user constraints to the deleteMessages() function.

Until the upgrade is applied, restrict access to the DELETE /api/messages/:conversationId/:messageId endpoint to trusted users only, or disable message deletion functionality temporarily.

Additionally, review and enhance authorization checks in the message deletion logic to ensure that users can only delete their own messages.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-54029. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart