@lobehub/lobehub

npm2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting @lobehub/lobehubpage 1 of 1

CVE-2026-39411MEDIUMCVSS 5.0EG 5.0✓ Fixed in 2.1.48
2026-04-08
LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated,…
CVE-2026-42045MEDIUMCVSS 6.2EG 6.2
2026-05-12
LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, when LobeChat processes custom tags in the Render process of src/features/Portal/Artifacts/Body/Renderer/index.…

Check whether @lobehub/lobehub is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for @lobehub/lobehub CVEs against the assets you own.

Start Free Scan →