Lobe Chat vulnerable to Server-Side Request Forgery with native web fetch module

Description

Vulnerability Overview

• When the client sends an arbitrary URL array and impl: [“naive”] to the tRPC endpoint tools.search.crawlPages, the server issues outbound HTTP requests directly to those URLs. There is no defensive logic that restricts or validates requests to internal networks (127.0.0.

Recommendation

Update the @lobehub/chat package to the latest compatible version. Followings are version details:

• Affected version(s): <= 1.136.1
• Patched version(s): 1.136.2

References

• GHSA-fgx4-p8xf-qhp9
• CVE-2025-62505
• CWE-918
• CAPEC-310
• OWASP 2021-A10
• OWASP 2021-A6

Related Issues

• lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability - CVE-2024-32964
• uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF) - CVE-2022-0086
• Parse Server is vulnerable to Server-Side Request Forgery (SSRF) via Instagram OAuth Adapter - CVE-2025-68150
• @lobehub/chat Server Side Request Forgery vulnerability - CVE-2024-32965

You might also like:

Exploiting Server Version Disclosure

10 Secure Coding Best Practices to Follow in Every Project

Update Cheat Sheet for Developers

Tags:

npm

@lobehub/chat