CVE-2026-31950 (severity: MEDIUM)

CVE-2026-31950: LibreChat's IDOR in SSE Stream Subscription Allows Reading Other Users' Chats

Vendor Danny-Avila
Product LibreChat
Weakness CWE-284
Published March 27, 2026
Last update March 27, 2026

CVSS v3.1 base score: 5.3/10

Attack vector: Network
Attack complexity: High
Privileges required: Low
User interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint `/api/agents/chat/stream/:streamId` does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and read another user's real-time chat content, including messages, AI responses, and tool invocations. Version 0.8.2 patches the issue.

Disclosure timeline

March 27, 2026 CVE published
March 27, 2026 Record updated
