Security Advisory

CVE-2024-24566

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-31 16:33:44

Last updated 2025-06-17 21:29:21

Assigner GitHub_M

State PUBLISHED

Description

Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected (deployed with the `ACCESS_CODE` option), it is possible to access plugins without proper authorization (without password). This vulnerability is patched in 0.122.4.

← Browse all CVEs View on cve.org ↗