Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-54036

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-25 Jun, 2026 | 15:39
Updated At-25 Jun, 2026 | 16:01
Rejected At-
Credits

LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user (or attacker with a stolen session) even when 2FA is already fully enabled on the account. This endpoint overwrites the existing TOTP secret, generates new backup codes, and sets twoFactorEnabled to false — all without requiring any TOTP or backup code verification. An attacker with a valid session token can completely take over a victim's 2FA, locking the legitimate user out of their own two-factor authentication. This vulnerability is fixed in 0.8.4-rc1.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:25 Jun, 2026 | 15:39
Updated At:25 Jun, 2026 | 16:01
Rejected At:
▼CVE Numbering Authority (CNA)
LibreChat: 2FA Re-enrollment Allows Full Account 2FA Takeover Without OTP Verification

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user (or attacker with a stolen session) even when 2FA is already fully enabled on the account. This endpoint overwrites the existing TOTP secret, generates new backup codes, and sets twoFactorEnabled to false — all without requiring any TOTP or backup code verification. An attacker with a valid session token can completely take over a victim's 2FA, locking the legitimate user out of their own two-factor authentication. This vulnerability is fixed in 0.8.4-rc1.

Affected Products
Vendor
danny-avila
Product
LibreChat
Versions
Affected
  • < 0.8.4-rc1
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306: Missing Authentication for Critical Function
Type: CWE
CWE ID: CWE-306
Description: CWE-306: Missing Authentication for Critical Function
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
x_refsource_CONFIRM
Hyperlink: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
exploit
Hyperlink: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:25 Jun, 2026 | 16:16
Updated At:26 Jun, 2026 | 19:02

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the GET /api/auth/2fa/enable endpoint can be called by an authenticated user (or attacker with a stolen session) even when 2FA is already fully enabled on the account. This endpoint overwrites the existing TOTP secret, generates new backup codes, and sets twoFactorEnabled to false — all without requiring any TOTP or backup code verification. An attacker with a valid session token can completely take over a victim's 2FA, locking the legitimate user out of their own two-factor authentication. This vulnerability is fixed in 0.8.4-rc1.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary3.18.1HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Type: Primary
Version: 3.1
Base score: 8.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

librechat
librechat
>>librechat>>Versions up to 0.8.3(inclusive)
cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Secondarysecurity-advisories@github.com
CWE ID: CWE-306
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgqsecurity-advisories@github.com
Exploit
Vendor Advisory
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Vendor Advisory
Hyperlink: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
Source: security-advisories@github.com
Resource:
Exploit
Vendor Advisory
Hyperlink: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-45fp-6q26-wfgq
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

8Records found

CVE-2026-44654
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.27% / 17.91%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 22:47
Updated-04 Jun, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LibreChat: Shared-agent editor can globally delete owner's file records — breaks owner's other private agents

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, a shared-agent editor can delete file records through `DELETE /api/files` that the owner has reused across multiple agents. The deletion removes the file globally — not just from the shared agent — breaking the owner's other private agents that reference the same `file_id`. The private agent retains a stale `file_id` reference that no longer resolves. A shared-agent editor can destroy files that the owner uses across multiple agents. The owner's private agents — which the attacker has no access to — break silently with stale `file_id` references. This is a cross-agent integrity violation: editing access to one agent should not affect another. Version 0.8.4 contains a patch.

Action-Not Available
Vendor-librechatdanny-avila
Product-librechatLibreChat
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-54029
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 5.42%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 15:51
Updated-29 Jun, 2026 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId belongs to the requesting user, but the handler calls deleteMessages({ messageId }) using only the messageId as the MongoDB filter — without adding a user constraint. An attacker provides their own valid conversationId (to pass validation) and the victim's messageId (to target deletion), resulting in permanent, irrecoverable message deletion. This vulnerability is fixed in 0.8.4-rc1.

Action-Not Available
Vendor-librechatdanny-avila
Product-librechatLibreChat
CWE ID-CWE-862
Missing Authorization
CVE-2026-54040
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.15% / 4.60%
||
7 Day CHG~0.00%
Published-25 Jun, 2026 | 15:45
Updated-29 Jun, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LibreChat: 2FA Backup Code Regeneration Without OTP Verification Allows 2FA Bypass

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring any TOTP token or existing backup code verification. An attacker with a stolen session token can silently replace a victim's backup codes and use them to bypass 2FA login or disable 2FA entirely. This vulnerability is fixed in 0.8.4-rc1.

Action-Not Available
Vendor-librechatdanny-avila
Product-librechatLibreChat
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2026-31944
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.6||HIGH
EPSS-0.24% / 15.51%
||
7 Day CHG~0.00%
Published-13 Mar, 2026 | 19:44
Updated-17 Mar, 2026 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LibreChat MCP OAuth callback does not validate browser session — allows token theft via redirect link

LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, The MCP (Model Context Protocol) OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, without verifying that the browser hitting the redirect URL is logged in or that the logged-in user matches the initiator. An attacker can send the authorization URL to a victim; when the victim completes the flow, the victim’s OAuth tokens are stored on the attacker’s LibreChat account, enabling account takeover of the victim’s MCP-linked services (e.g. Atlassian, Outlook). This vulnerability is fixed in 0.8.3-rc1.

Action-Not Available
Vendor-librechatdanny-avila
Product-librechatLibreChat
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-42455
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.1||HIGH
EPSS-14.01% / 96.10%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 01:06
Updated-24 Apr, 2025 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process.

Action-Not Available
Vendor-Veeam Software Group GmbH
Product-veeam_backup_\&_replicationBackup & Replicationbackup_and_replication
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-41967
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.1||HIGH
EPSS-0.39% / 31.02%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 09:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WAGO: Boot Mode Manipulation in Multiple Devices

A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.

Action-Not Available
Vendor-WAGO
Product-TP600 0762-620x/8000-000xPFC200 G2 750-821x-xxx-xxxEdge Controller 0752-8303/8000-0002PFC100 G1 0750-810x/xxxx-xxxxCC100 0751-9x01PFC200 G1 0750-820x/xxx-xxxCC100 0751/9x01TP600 0762-430x/8000-000xPFC100 G2 0750-811x-xxxx-xxxxTP600 0762-420x/8000-000xTP600 0762-530x/8000-000xTP600 0762-630x/8000-000xTP600 0762-520x/8000-000xPFC200 G1 750-820x-xxx-xxxPFC200 G2 0750-821x/xxx-xxx
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-27395
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.1||HIGH
EPSS-0.78% / 51.28%
||
7 Day CHG~0.00%
Published-12 Oct, 2021 | 09:49
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2014 (All versions < SP3 Update 6), SIMATIC Process Historian 2019 (All versions), SIMATIC Process Historian 2020 (All versions). An interface in the software that is used for critical functionalities lacks authentication, which could allow a malicious user to maliciously insert, modify or delete data.

Action-Not Available
Vendor-Siemens AG
Product-simatic_process_historian_2013simatic_process_historian_2019simatic_process_historian_2014simatic_process_historian_2020SIMATIC Process Historian 2013 and earlierSIMATIC Process Historian 2020SIMATIC Process Historian 2019SIMATIC Process Historian 2014
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2020-26649
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.1||HIGH
EPSS-0.74% / 50.15%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 14:12
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php

Action-Not Available
Vendor-atomxn/a
Product-atomxcms_2n/a
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-306
Missing Authentication for Critical Function
Details not found