CVE-2025-54868 is a high-severity improper authorization vulnerability (CWE-285) affecting the LibreChat application, a ChatGPT clone developed by danny-avila. The vulnerability exists in versions 0.0.6 through 0.7.7-rc1 due to an exposed testing API endpoint (/api/search/test) that interfaces directly with the Meilisearch engine used by LibreChat to store chat data. This endpoint lacks proper access control, allowing unauthenticated attackers to query and retrieve arbitrary chat records belonging to any user. The vulnerability does not require any authentication or user interaction and can be exploited remotely over the network. The impact is a complete breach of confidentiality, as sensitive chat conversations can be read by unauthorized parties. The flaw was addressed and fixed in version 0.7.7 of LibreChat. The CVSS v3.1 base score is 7.5, reflecting the ease of exploitation (network accessible, no privileges or user interaction required) and the high confidentiality impact, while integrity and availability remain unaffected. No known exploits are currently reported in the wild. The root cause is improper authorization checks on a testing endpoint that should have been disabled or secured before release. This vulnerability highlights the risks of leaving debug or test interfaces exposed in production environments, especially when they provide direct access to sensitive data stores like Meilisearch. Organizations using affected LibreChat versions are at risk of unauthorized data disclosure through this flaw.

For European organizations deploying LibreChat versions 0.0.6 through 0.7.7-rc1, this vulnerability poses a significant risk to the confidentiality of internal or customer communications. Unauthorized access to chat logs could lead to exposure of sensitive business information, intellectual property, or personal data, potentially violating GDPR and other privacy regulations. The breach of confidentiality could damage organizational reputation, result in regulatory fines, and undermine trust in internal communication platforms. Since LibreChat is a ChatGPT clone, it may be used in sectors like customer support, research, or internal collaboration, increasing the sensitivity of the data at risk. The vulnerability’s network accessibility and lack of authentication requirements make it easy for attackers to exploit remotely, increasing the attack surface. Although no integrity or availability impacts are noted, the confidentiality breach alone is critical. European organizations must assess their use of LibreChat and ensure they are not running vulnerable versions to avoid data leakage incidents.

1. Immediate upgrade to LibreChat version 0.7.7 or later, where the vulnerability is fixed. 2. If upgrading is not immediately possible, disable or restrict access to the /api/search/test endpoint at the network or application level, ensuring it is not accessible externally or internally without proper authorization. 3. Implement strict access controls and authentication mechanisms for all API endpoints, especially those interfacing with data stores like Meilisearch. 4. Conduct a thorough audit of all debug, test, or development endpoints in production environments to ensure none are exposed. 5. Monitor network traffic and logs for unusual access patterns to the Meilisearch engine or the vulnerable endpoint. 6. Review and enhance data protection policies to ensure compliance with GDPR and other relevant regulations, including data minimization and encryption at rest and in transit. 7. Educate development teams on secure coding practices, emphasizing the removal or protection of test/debug endpoints before deployment. 8. Consider implementing Web Application Firewalls (WAF) rules to detect and block unauthorized access attempts to sensitive API endpoints.