An issue in the upload_documents method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file.
"https://github.com/pypa/advisory-database/blob/main/vulns/libre-chat/PYSEC-2026-1537.yaml"