Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module
- Severity: Low
Description
Vulnerability Overview
- When the client sends an arbitrary URL array and `impl: ["naive"]` to the tRPC endpoint `tools.search.crawlPages`, the server issues outbound HTTP requests directly to those URLs. There is no defensive logic that restricts or validates requests to internal networks (127.0.0.
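As an added illustration of the missing control (this is not LobeHub's code; the function names, the blocked-range list and the rejection strings are assumptions), a pre-fetch check that a crawl handler could apply to each client-supplied URL before issuing any request:

```typescript
// Added example, not LobeHub code: a pre-fetch check for an endpoint that
// crawls client-supplied URLs. Names and the blocked-range list are assumptions.
// Dotted-quad IPv4 string to unsigned 32-bit number.
function v4ToInt(ip: string): number {
  return ip.split(".").reduce((acc, o) => (acc << 8) + Number(o), 0) >>> 0;
}

// Ranges an outbound crawler must not reach: loopback, RFC 1918, link-local
// (where cloud metadata services live), CGNAT and "this network".
const BLOCKED_V4: Array<[string, number]> = [
  ["127.0.0.0", 8], ["10.0.0.0", 8], ["172.16.0.0", 12], ["192.168.0.0", 16],
  ["169.254.0.0", 16], ["100.64.0.0", 10], ["0.0.0.0", 8],
];

function isBlockedV4(addr: number): boolean {
  return BLOCKED_V4.some(([net, bits]) => {
    const mask = (~0 << (32 - bits)) >>> 0;
    return ((addr & mask) >>> 0) === ((v4ToInt(net) & mask) >>> 0);
  });
}

function isBlockedV6(ip: string): boolean {
  // Loopback/unspecified, unique-local fc00::/7, link-local fe80::/10, and
  // IPv4-mapped addresses (serialized by the URL parser as ::ffff:hhhh:hhhh).
  if (ip === "::1" || ip === "::") return true;
  if (/^f[cd]/.test(ip) || /^fe[89ab]/.test(ip)) return true;
  const m = ip.match(/^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/);
  return m ? isBlockedV4(((parseInt(m[1], 16) << 16) | parseInt(m[2], 16)) >>> 0) : false;
}

// Returns null if the URL may be fetched, else the rejection reason. The
// WHATWG URL parser normalizes hosts first, so "127.1", "2130706433" or
// "0x7f000001" all surface as 127.0.0.1 here. Plain hostnames pass this
// stage; the caller must resolve them and re-check the resolved address
// (and connect to that pinned address) to avoid DNS-rebinding bypasses.
function rejectReason(raw: string): string | null {
  let url: URL;
  try { url = new URL(raw); } catch { return "unparseable URL"; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "scheme not allowed";
  const host = url.hostname.replace(/^\[|\]$/g, "").toLowerCase();
  if (host === "localhost" || host.endsWith(".localhost")) return "loopback hostname";
  if (/^\d+(\.\d+){3}$/.test(host)) return isBlockedV4(v4ToInt(host)) ? "internal IPv4" : null;
  if (host.includes(":")) return isBlockedV6(host) ? "internal IPv6" : null;
  return null;
}

// What a crawlPages-style handler should do with a client-supplied URL array.
function filterCrawlUrls(urls: string[]): string[] {
  return urls.filter((u) => rejectReason(u) === null);
}
```

A hostname such as `example.com` passes this stage by design; the second check against the resolved address is what closes the gap for names that resolve to internal ranges.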
Recommendation
Update the @lobehub/chat package to the latest compatible version. Version details:
- Affected version(s): <= 1.136.1
- Patched version(s): 1.136.2
References
Related Issues
- LobeHub Vulnerable to Improper Authorization in Presigned Upload - CVE-2026-23835
- Lodash has Prototype Pollution Vulnerability in `_.unset` and `_.omit` functions - CVE-2025-13465
- Lobe Chat affected by Cross-Site Scripting(XSS) that can escalate to Remote Code Execution(RCE) - CVE-2026-23733
- Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion - CVE-2026-23522
- Tags: npm, @lobehub/chat
Last updated on October 17, 2025