CVE-2026-4276.yaml
1 info: 2 name: librechat 3 cve: CVE-2026-4276 4 summary: LibreChat RAG API v0.7.0 日志注入漏洞 5 details: >- 6 LibreChat RAG API 版本 0.7.0 存在日志注入漏洞,允许攻击者伪造日志条目。 7 cvss: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 8 severity: HIGH 9 security_advise: 升级到 LibreChat 的修复版本。 10 references: 11 - https://kb.cert.org/vuls/id/624941 12 - https://www.kb.cert.org/vuls/id/624941 13 rule: 'version == "0.7.0"' 14 references: 15 - https://kb.cert.org/vuls/id/624941 16 - https://www.kb.cert.org/vuls/id/624941