Main Vulnerability Database Exploits ID:12552 - Exploit for Path traversal in LibreChat - CVE-2026-34371

ID:12552 - Exploit for Path traversal in LibreChat - CVE-2026-34371

Published: April 7, 2026

Vulnerability identifier: #VU125020

Vulnerability risk: Medium

CVE-ID: CVE-2026-34371

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
LibreChat

Link to public exploit:

https://github.com/danny-avila/LibreChat/security/advisories/GHSA-qrm5-r67f-6692/#poc

Vulnerability description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in execute_code. A remote user can send a specially crafted HTTP request and write arbitrary files on the system.

Remediation

Install updates from vendor's website.

ID:12552 - Exploit for Path traversal in LibreChat - CVE-2026-34371

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human