Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

@lobehub/chat

npm

Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.

View on github.com · View on npmjs.org

Security Advisories for @lobehub/chat in npm

Low
about 2 months ago

Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module GSA_kwCzR0hTQS1mZ3g0LXA4eGYtcWhwOc4ABNg4

npm @lobehub/chat
Moderate
3 months ago

lobe-chat has an Open Redirect GSA_kwCzR0hTQS14cGg1LTI3OHAtMjZxeM4ABMn0

npm @lobehub/chat
Moderate
3 months ago

Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages GSA_kwCzR0hTQS1tNzlyLXI3NjUtNWY5as4ABMXt

npm @lobehub/chat
High
about 1 year ago

@lobehub/chat Server Side Request Forgery vulnerability GSA_kwCzR0hTQS0yeGNjLXZtM2YtbThyd84ABByj

npm @lobehub/chat
Moderate
about 1 year ago

lobe-chat implemented an insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964) GSA_kwCzR0hTQS0zZmM4LTJyM2YtOHdyZ84AA_um

npm @lobehub/chat
Moderate
over 1 year ago

Lobe Chat API Key Leak GSA_kwCzR0hTQS1wMzZyLXF4Z3gtanEyds4AA9I3

npm @lobehub/chat
Critical
over 1 year ago

lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability GSA_kwCzR0hTQS1teGhxLXh3M2ctcnBoY84AA74V

npm @lobehub/chat
Moderate
almost 2 years ago

@lobehub/chat vulnerable to unauthorized access to plugins GSA_kwCzR0hTQS1wZjU1LWZqOTYteGYzN84AA499

npm @lobehub/chat

Filter by Severity

Moderate 5 Low 1 High 1 Critical 1