{"url":"http://public2.vulnerablecode.io/api/packages/711642?format=json","purl":"pkg:npm/%40lobehub/chat@0.117.5","type":"npm","namespace":"@lobehub","name":"chat","version":"0.117.5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.143.3","latest_non_vulnerable_version":"1.143.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49906?format=json","vulnerability_id":"VCID-78pn-bez6-nuat","summary":"LobeHub Vulnerable to Improper Authorization in Presigned Upload\nThe file upload feature in `Knowledge Base > File Upload` does not validate the integrity of the upload request, allowing users to intercept and modify the request parameters. As a result, it is possible to create arbitrary files in abnormal or unintended paths. In addition, since `lobechat.com` relies on the size parameter from the request to calculate file usage, an attacker can manipulate this value to misrepresent the actual file size, such as uploading a `1 GB` file while reporting it as `10 MB`, or falsely declaring a `10 MB` file as a `1 GB` file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23835","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1316","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.132","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13197","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23835"},{"reference_url":"https://github.com/lobehub/lobehub","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub"},{"reference_url":"https://github.com/lobehub/lobehub/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23835","reference_id":"CVE-2026-23835","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23835"},{"reference_url":"https://github.com/advisories/GHSA-wrrr-8jcv-wjf5","reference_id":"GHSA-wrrr-8jcv-wjf5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wrrr-8jcv-wjf5"},{"reference_url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-wrrr-8jcv-wjf5","reference_id":"GHSA-wrrr-8jcv-wjf5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-30T20:21:13Z/"}],"url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-wrrr-8jcv-wjf5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73758?format=json","purl":"pkg:npm/%40lobehub/chat@1.143.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.143.3"}],"aliases":["CVE-2026-23835","GHSA-wrrr-8jcv-wjf5"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78pn-bez6-nuat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55381?format=json","vulnerability_id":"VCID-8qh9-2q7c-tqfd","summary":"Lobe Chat API Key Leak\nIf an attacker can successfully authenticate through SSO/Access Code, they can obtain the real backend API Key by modifying the base URL to their own attack URL on the frontend and setting up a server-side request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37895","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64808","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64819","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64809","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-37895"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37895","reference_id":"CVE-2024-37895","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37895"},{"reference_url":"https://github.com/advisories/GHSA-p36r-qxgx-jq2v","reference_id":"GHSA-p36r-qxgx-jq2v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p36r-qxgx-jq2v"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-p36r-qxgx-jq2v","reference_id":"GHSA-p36r-qxgx-jq2v","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T14:05:08Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-p36r-qxgx-jq2v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81879?format=json","purl":"pkg:npm/%40lobehub/chat@0.162.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-facw-4ca9-ayfr"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-g4u9-b2aj-s3gy"},{"vulnerability":"VCID-p67q-uhv9-e3fe"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@0.162.25"}],"aliases":["CVE-2024-37895","GHSA-p36r-qxgx-jq2v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qh9-2q7c-tqfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48067?format=json","vulnerability_id":"VCID-az37-1hae-y7h4","summary":"Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module\n---\n\n- Since the server performs outbound requests to internal networks, localhost, and metadata endpoints, an attacker can abuse the server’s network position to access internal resources (internal APIs, management ports, cloud metadata, etc.).\n\n- As a result, this can lead to exposure of internal system information, leakage of authentication tokens/secret keys (e.g., IMDSv1/v2), misuse of internal admin interfaces, and provide a foothold for further lateral movement.\n\n- By leveraging user-supplied impls to force the unfiltered naive implementation, SSRF defenses—such as blocking private/metadata IPs, DNS re-validation/re-resolution, and redirect restrictions—can be bypassed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62505","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07857","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07884","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07871","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62505"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/d942a635b36a231156c60d824afa573af8032572/packages/web-crawler/src/crawImpl/naive.ts#L39-L45","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/d942a635b36a231156c60d824afa573af8032572/packages/web-crawler/src/crawImpl/naive.ts#L39-L45"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/8d59583dca16f218b99213d641733d8ba77f182c","reference_id":"","reference_type":"","scores":[{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T18:30:45Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/8d59583dca16f218b99213d641733d8ba77f182c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62505","reference_id":"CVE-2025-62505","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62505"},{"reference_url":"https://github.com/advisories/GHSA-fgx4-p8xf-qhp9","reference_id":"GHSA-fgx4-p8xf-qhp9","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fgx4-p8xf-qhp9"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-fgx4-p8xf-qhp9","reference_id":"GHSA-fgx4-p8xf-qhp9","reference_type":"","scores":[{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"3.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T18:30:45Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-fgx4-p8xf-qhp9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70987?format=json","purl":"pkg:npm/%40lobehub/chat@1.136.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.136.2"}],"aliases":["CVE-2025-62505","GHSA-fgx4-p8xf-qhp9"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-az37-1hae-y7h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47813?format=json","vulnerability_id":"VCID-facw-4ca9-ayfr","summary":"Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages\nWe identified a cross-site scripting (XSS) vulnerability when handling chat message in lobe-chat that can be escalated to remote code execution on the user’s machine. Any party capable of injecting content into chat messages, such as hosting a malicious page for prompt injection, operating a compromised MCP server, or leveraging tool integrations, can exploit this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59417","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.448","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44822","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44815","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59417"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/apps/desktop/src/main/controllers/SystemCtr.ts#L65-L68","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/apps/desktop/src/main/controllers/SystemCtr.ts#L65-L68"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/index.ts#L7-L11","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/index.ts#L7-L11"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/rehypePlugin.ts#L50-L68","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Conversation/components/MarkdownElements/LobeArtifact/rehypePlugin.ts#L50-L68"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/index.tsx#L10-L32","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/index.tsx#L10-L32"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/SVG.tsx#L67-L79","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat/blob/0a1dcf943ea294e35acbe57d07f7974efede8e2e/src/features/Portal/Artifacts/Body/Renderer/SVG.tsx#L67-L79"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/9f044edd07ce102fe9f4b2fb47c62191c36da05c","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-19T17:01:22Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/9f044edd07ce102fe9f4b2fb47c62191c36da05c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59417","reference_id":"CVE-2025-59417","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59417"},{"reference_url":"https://github.com/advisories/GHSA-m79r-r765-5f9j","reference_id":"GHSA-m79r-r765-5f9j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m79r-r765-5f9j"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-m79r-r765-5f9j","reference_id":"GHSA-m79r-r765-5f9j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-09-19T17:01:22Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-m79r-r765-5f9j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70566?format=json","purl":"pkg:npm/%40lobehub/chat@1.129.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.129.4"}],"aliases":["CVE-2025-59417","GHSA-m79r-r765-5f9j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-facw-4ca9-ayfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49765?format=json","vulnerability_id":"VCID-fkv5-wm1u-pfh5","summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion\n`knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23522","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20524","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20564","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20577","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23522"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T21:35:33Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522","reference_id":"CVE-2026-23522","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"},{"reference_url":"https://github.com/advisories/GHSA-j7xp-4mg9-x28r","reference_id":"GHSA-j7xp-4mg9-x28r","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j7xp-4mg9-x28r"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r","reference_id":"GHSA-j7xp-4mg9-x28r","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T21:35:33Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}],"fixed_packages":[],"aliases":["CVE-2026-23522","GHSA-j7xp-4mg9-x28r"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkv5-wm1u-pfh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49763?format=json","vulnerability_id":"VCID-fxza-2edn-ubhh","summary":"Lobe Chat affected by Cross-Site Scripting(XSS) that can escalate to Remote Code Execution(RCE)\nA stored Cross-Site Scripting (XSS) vulnerability in the Mermaid artifact renderer allows attackers to execute arbitrary JavaScript within the application context. This XSS can be escalated to Remote Code Execution (RCE).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23733","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35462","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35501","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35489","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23733"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23733","reference_id":"CVE-2026-23733","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23733"},{"reference_url":"https://github.com/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4gpc-rhpj-9443"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T19:37:28Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-4gpc-rhpj-9443"},{"reference_url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-4gpc-rhpj-9443","reference_id":"GHSA-4gpc-rhpj-9443","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobehub/security/advisories/GHSA-4gpc-rhpj-9443"}],"fixed_packages":[],"aliases":["CVE-2026-23733","GHSA-4gpc-rhpj-9443"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxza-2edn-ubhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55885?format=json","vulnerability_id":"VCID-g4u9-b2aj-s3gy","summary":"lobe-chat implemented an insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964)\nSSRF protection implemented in https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts does not consider redirect and could be bypassed when attacker provides external malicious url which redirects to internal resources like private network or loopback address.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47066","reference_id":"","reference_type":"","scores":[{"value":"0.05777","scoring_system":"epss","scoring_elements":"0.90656","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05777","scoring_system":"epss","scoring_elements":"0.90653","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47066"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T15:39:49Z/"}],"url":"https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T15:39:49Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47066","reference_id":"CVE-2024-47066","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47066"},{"reference_url":"https://github.com/advisories/GHSA-3fc8-2r3f-8wrg","reference_id":"GHSA-3fc8-2r3f-8wrg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fc8-2r3f-8wrg"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-3fc8-2r3f-8wrg","reference_id":"GHSA-3fc8-2r3f-8wrg","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T15:39:49Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-3fc8-2r3f-8wrg"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc","reference_id":"GHSA-mxhq-xw3g-rphc","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T15:39:49Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82778?format=json","purl":"pkg:npm/%40lobehub/chat@1.19.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-facw-4ca9-ayfr"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.19.13"}],"aliases":["CVE-2024-47066","GHSA-3fc8-2r3f-8wrg"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4u9-b2aj-s3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54769?format=json","vulnerability_id":"VCID-kjm4-xj32-fyea","summary":"lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability\nThe latest version of lobe-chat(by now v0.141.2) has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32964","reference_id":"","reference_type":"","scores":[{"value":"0.71676","scoring_system":"epss","scoring_elements":"0.98752","published_at":"2026-06-07T12:55:00Z"},{"value":"0.71676","scoring_system":"epss","scoring_elements":"0.98753","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32964"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/465665a735556669ee30446c7ea9049a20cc7c37","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-10T17:50:39Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/465665a735556669ee30446c7ea9049a20cc7c37"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32964","reference_id":"CVE-2024-32964","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32964"},{"reference_url":"https://github.com/advisories/GHSA-mxhq-xw3g-rphc","reference_id":"GHSA-mxhq-xw3g-rphc","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mxhq-xw3g-rphc"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc","reference_id":"GHSA-mxhq-xw3g-rphc","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-10T17:50:39Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81232?format=json","purl":"pkg:npm/%40lobehub/chat@0.150.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-8qh9-2q7c-tqfd"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-facw-4ca9-ayfr"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-g4u9-b2aj-s3gy"},{"vulnerability":"VCID-p67q-uhv9-e3fe"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@0.150.6"}],"aliases":["CVE-2024-32964","GHSA-mxhq-xw3g-rphc"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kjm4-xj32-fyea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56265?format=json","vulnerability_id":"VCID-p67q-uhv9-e3fe","summary":"@lobehub/chat Server Side Request Forgery vulnerability\nlobe-chat before 1.19.13 has an unauthorized ssrf vulnerability. An attacker can construct malicious requests to cause SSRF without logging in, attack intranet services, and leak sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32965","reference_id":"","reference_type":"","scores":[{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.87097","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.87102","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03119","scoring_system":"epss","scoring_elements":"0.87105","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32965"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T18:47:02Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/e960a23b0c69a5762eb27d776d33dac443058faf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32965","reference_id":"CVE-2024-32965","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32965"},{"reference_url":"https://github.com/advisories/GHSA-2xcc-vm3f-m8rw","reference_id":"GHSA-2xcc-vm3f-m8rw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2xcc-vm3f-m8rw"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-2xcc-vm3f-m8rw","reference_id":"GHSA-2xcc-vm3f-m8rw","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T18:47:02Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-2xcc-vm3f-m8rw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82778?format=json","purl":"pkg:npm/%40lobehub/chat@1.19.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-facw-4ca9-ayfr"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.19.13"}],"aliases":["CVE-2024-32965","GHSA-2xcc-vm3f-m8rw"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p67q-uhv9-e3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47857?format=json","vulnerability_id":"VCID-qf24-bv2y-6bcp","summary":"lobe-chat has an Open Redirect\n---\n\n- It can force users to redirect to untrusted external domains, leading to subsequent attacks such as phishing, credential harvesting, and session fixation.\n- It can disrupt the OAuth/OIDC flow user experience by redirecting users to malicious domains disguised as legitimate pages (even though this path doesn't directly include tokens, it can be exploited for social engineering attacks through redirect chains).\n- The impact can be amplified when redirect chains are combined with other vulnerabilities such as CSP bypass or cache poisoning.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59426","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35743","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35783","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35772","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59426"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-25T14:18:07Z/"}],"url":"https://github.com/lobehub/lobe-chat/blob/aa841a3879c30142720485182ad62aa0dbd74edc/src/app/(backend)/oidc/consent/route.ts#L113-L127"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-25T14:18:07Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/70f52a3c1fadbd41a9db0e699d1e44d9965de445"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59426","reference_id":"CVE-2025-59426","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59426"},{"reference_url":"https://github.com/advisories/GHSA-xph5-278p-26qx","reference_id":"GHSA-xph5-278p-26qx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xph5-278p-26qx"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx","reference_id":"GHSA-xph5-278p-26qx","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-25T14:18:07Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-xph5-278p-26qx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/70615?format=json","purl":"pkg:npm/%40lobehub/chat@1.130.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@1.130.1"}],"aliases":["CVE-2025-59426","GHSA-xph5-278p-26qx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qf24-bv2y-6bcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46922?format=json","vulnerability_id":"VCID-vrt2-ung9-vufw","summary":"Improper Access Control\nLobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected (deployed with the `ACCESS_CODE` option), it is possible to access plugins without proper authorization (without password). This vulnerability is patched in 0.122.4.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24566","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33778","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33812","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33796","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24566"},{"reference_url":"https://github.com/lobehub/lobe-chat","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lobehub/lobe-chat"},{"reference_url":"https://github.com/lobehub/lobe-chat/commit/2184167f09ab68e4efa051ee984ea0c4e7c48fbd","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-31T19:29:39Z/"}],"url":"https://github.com/lobehub/lobe-chat/commit/2184167f09ab68e4efa051ee984ea0c4e7c48fbd"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24566","reference_id":"CVE-2024-24566","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24566"},{"reference_url":"https://github.com/advisories/GHSA-pf55-fj96-xf37","reference_id":"GHSA-pf55-fj96-xf37","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pf55-fj96-xf37"},{"reference_url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-pf55-fj96-xf37","reference_id":"GHSA-pf55-fj96-xf37","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-31T19:29:39Z/"}],"url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-pf55-fj96-xf37"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68665?format=json","purl":"pkg:npm/%40lobehub/chat@0.122.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-78pn-bez6-nuat"},{"vulnerability":"VCID-8qh9-2q7c-tqfd"},{"vulnerability":"VCID-az37-1hae-y7h4"},{"vulnerability":"VCID-facw-4ca9-ayfr"},{"vulnerability":"VCID-fkv5-wm1u-pfh5"},{"vulnerability":"VCID-fxza-2edn-ubhh"},{"vulnerability":"VCID-g4u9-b2aj-s3gy"},{"vulnerability":"VCID-kjm4-xj32-fyea"},{"vulnerability":"VCID-p67q-uhv9-e3fe"},{"vulnerability":"VCID-qf24-bv2y-6bcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@0.122.4"}],"aliases":["CVE-2024-24566","GHSA-pf55-fj96-xf37"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrt2-ung9-vufw"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/%2540lobehub/chat@0.117.5"}