2026-03-18 11:08:19
sba-research
PUBLISHED
LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API.