Cyber Resilience

CVE-2024-10359

MediumPublic PoC

Published: 20 March 2025

Published
20 March 2025
Modified
11 July 2025
KEV Added
Patch
CVSS Score v3 4.6 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
EPSS Score 0.0020 41.4th percentile
Risk Priority 9 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-10359 is a medium-severity Improperly Controlled Modification of Dynamically-Determined Object Attributes (CWE-915) vulnerability in Librechat Librechat. Its CVSS base score is 4.6 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Stored Data Manipulation (T1565.001); ranked at the 41.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as LLM Application Platforms; in the Privacy and Disclosure risk domain.

EU & UK References

Vulnerability details

In danny-avila/librechat version v0.7.5-rc2, a vulnerability exists in the preset creation functionality where a user can manipulate the user ID field through mass assignment. This allows an attacker to inject a different user ID into the preset object, causing the…

more

preset to appear in the UI of another user. The vulnerability arises because the backend saves the entire object received without validating the attributes and their values, impacting both integrity and confidentiality.

CWE(s)

AI Security AnalysisAI

AI Category
LLM Application Platforms
Risk Domain
Privacy and Disclosure
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: librechat

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1565.001 Stored Data Manipulation Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
T1659 Content Injection Initial Access
Adversaries may gain access and continuously communicate with victims by injecting malicious content into systems through online network traffic.
Why these techniques?

The mass assignment vulnerability allows manipulation of the user ID field in presets, enabling unauthorized stored data manipulation (T1565.001) and content injection into other users' UIs (T1659), impacting integrity and confidentiality.

Affected Assets

librechat
librechat
0.7.5

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References