
CVE-2025-62505: CWE-918: Server-Side Request Forgery (SSRF) in lobehub lobe-chat

Severity: Low
Published: Fri Oct 17 2025 (10/17/2025, 18:18:53 UTC)
Source: CVE Database V5
Vendor/Project: lobehub
Product: lobe-chat

Description

LobeChat is an open source chat application platform. The web-crawler package in LobeChat version 1.136.1 allows server-side request forgery (SSRF) in the tools.search.crawlPages tRPC endpoint. A client can supply an arbitrary urls array together with impls containing the value naive. The service passes the user URLs to Crawler.crawl and the naive implementation performs a server-side fetch of each supplied URL without validating or restricting internal network addresses (such as localhost, 127.0.0.1, private IP ranges, or cloud instance metadata endpoints). This allows an attacker with a valid user token (or in development mode using a bypass header) to make the server disclose responses from internal HTTP services, potentially exposing internal API data or cloud metadata credentials. Version 1.136.2 fixes the issue. Update to version 1.136.2. No known workarounds exist.

AI-Powered Analysis

Last updated: 10/17/2025, 18:46:38 UTC

Technical Analysis

CVE-2025-62505 is a Server-Side Request Forgery (SSRF) vulnerability in the LobeChat open source chat application platform, specifically in the web-crawler package of versions prior to 1.136.2. The vulnerability resides in the tools.search.crawlPages tRPC endpoint, which accepts a user-supplied array of URLs along with an impls parameter containing the value 'naive'. The naive crawler implementation performs a server-side HTTP fetch of each URL without validating or restricting requests to internal network addresses such as localhost (127.0.0.1), private IP ranges (e.g., 10.x.x.x, 192.168.x.x), or cloud instance metadata endpoints. This lack of validation enables an attacker who possesses a valid user token (or who can use the development-mode bypass header) to coerce the server into making HTTP requests to internal services that are otherwise inaccessible externally. Consequently, the attacker can retrieve sensitive internal API data or cloud metadata credentials, potentially leading to further compromise within the internal network or cloud environment. The vulnerability has a CVSS v3.1 base score of 3.0, reflecting low severity due to the requirement for authenticated access and high attack complexity. The issue was publicly disclosed on October 17, 2025, and fixed in LobeChat version 1.136.2. No known exploits are currently in the wild, and no workarounds exist aside from upgrading to the patched version.

Potential Impact

For European organizations deploying LobeChat versions prior to 1.136.2, this SSRF vulnerability poses a risk of unauthorized internal network reconnaissance and data disclosure. Attackers with valid user credentials could leverage this flaw to access internal HTTP services, potentially exposing sensitive internal APIs, configuration data, or cloud metadata credentials that could facilitate privilege escalation or lateral movement within the network. This is particularly concerning for organizations hosting LobeChat on cloud infrastructure where metadata endpoints provide critical instance identity and credential information. While the CVSS score is low, the impact on confidentiality can be significant if exploited, especially in environments with sensitive internal services or poorly segmented networks. The vulnerability does not affect system availability or integrity directly but increases the attack surface for further compromise. European entities in sectors such as finance, healthcare, or government that rely on LobeChat for internal communications or collaboration may face elevated risks if they do not promptly apply the patch.

Mitigation Recommendations

The primary and only effective mitigation is to upgrade LobeChat to version 1.136.2 or later, which contains the fix for this SSRF vulnerability. Organizations should audit their deployments to identify any instances running affected versions and prioritize patching. Additionally, implement strict network segmentation and firewall rules to restrict server-side HTTP requests from reaching sensitive internal services or cloud metadata endpoints. Employ monitoring and alerting on unusual outbound HTTP requests from application servers to detect potential exploitation attempts. Enforce strong authentication and authorization controls to limit access to the vulnerable endpoint, and consider disabling or restricting the web-crawler functionality if not required. Finally, review cloud provider best practices for metadata service protection, such as enabling metadata service version 2 (IMDSv2) where applicable, to reduce the risk of credential exposure.
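The missing check described above (the naive crawler fetching user-supplied URLs without rejecting internal addresses) and the mitigation of restricting server-side requests can be illustrated with a target validator. This is an added example, not LobeChat's code; the resolver is an injected function (a constructed hostname-to-IP map in practice) so it runs offline, and the blocked ranges are the loopback, RFC 1918, CGNAT, link-local and IPv6 local ranges, which include the 169.254.169.254 metadata address.

```javascript
// Added example, not LobeChat's code: vet a crawl target before the server-side
// fetch. Resolver is injected so this runs offline; in production use
// dns.lookup(host, { all: true }) and connect to the vetted IP, not the hostname.
const BLOCKED_V4 = [ // "this host", RFC 1918, CGNAT, loopback, link-local (metadata)
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16],
];

function ipv4ToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}
function isBlockedIp(ip) {
  // Unwrap IPv4-mapped IPv6, dotted (::ffff:10.0.0.1) or hex (::ffff:a00:1, as the URL parser emits)
  const dotted = ip.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i);
  const hex = ip.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i);
  if (dotted) ip = dotted[1];
  else if (hex) {
    const hi = parseInt(hex[1], 16), lo = parseInt(hex[2], 16);
    ip = `${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`;
  }
  const v4 = ipv4ToInt(ip);
  if (v4 !== null) {
    return BLOCKED_V4.some(([net, bits]) => {
      const mask = (~0 << (32 - bits)) >>> 0;
      return ((v4 & mask) >>> 0) === ((ipv4ToInt(net) & mask) >>> 0);
    });
  }
  if (!ip.includes(':')) return false; // a hostname, not an address
  const v6 = ip.toLowerCase(); // loopback, unspecified, ULA fc00::/7, link-local fe80::/10
  return v6 === '::1' || v6 === '::' || /^f[cd]/.test(v6) || /^fe[89ab]/.test(v6);
}
// resolve(hostname) -> array of IP strings. Fails closed on any internal address.
function isSafeCrawlTarget(rawUrl, resolve) {
  let url;
  try { url = new URL(rawUrl); } catch { return false; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return false;
  if (url.username || url.password) return false;
  const host = url.hostname.replace(/^\[|\]$/g, ''); // strip IPv6 brackets
  if (host === 'localhost' || host.endsWith('.localhost')) return false;
  const addrs = isBlockedIp(host) ? [host] : resolve(host);
  return addrs.length > 0 && addrs.every((ip) => !isBlockedIp(ip));
}
```

A URL is rejected if any resolved address is internal, so a hostname that returns a mix of public and private records (the DNS-rebinding pattern) is refused rather than fetched.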


Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-10-15T15:03:28.133Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68f28b909c34d0947f3b1473

Added to database: 10/17/2025, 6:31:44 PM

Last enriched: 10/17/2025, 6:46:38 PM

Last updated: 10/19/2025, 4:51:41 AM

