
CVE-2025-61784: LLaMA Factory's Chat API Contains Critical SSRF and LFI Vulnerabilities

October 7, 2025

A Server-Side Request Forgery (SSRF) vulnerability in the chat API allows any authenticated user to force the server to make arbitrary HTTP requests to internal and external networks. This can lead to the exposure of sensitive internal services, reconnaissance of the internal network, or interaction with third-party services. The same mechanism also allows for a Local File Inclusion (LFI) vulnerability, enabling users to read arbitrary files from the server’s filesystem.
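To make the two weakness classes above concrete from the defender's side, here is an added example (not code from LLaMA Factory or from this advisory) of the outbound-URL check a server should apply before fetching anything on a user's behalf. It assumes the vulnerable input is a user-supplied URL that the chat API fetches server-side; the hostnames in SAMPLE_DNS, the function names and the sample addresses are constructed for the illustration and do not come from the project. The naive prefix check is shown beside the hardened one so the difference is visible: the naive form lets loopback and internal addresses through, and only the hardened form also refuses non-HTTP schemes and bare paths, which is where the local-file-read variant would otherwise slip in.

```python
import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Only plain web schemes may be fetched on behalf of a user. Rejecting every
# other scheme (file:, gopher:, ftp:, ...) and bare paths at this choke point
# closes the local-file-read variant as well as the SSRF one.
ALLOWED_SCHEMES = {"http", "https"}

# A resolver maps a hostname to the IP address strings it resolves to.
Resolver = Callable[[str], Iterable[str]]


def system_resolver(host: str) -> list[str]:
    """Resolve with the OS resolver (both A and AAAA records)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed sample DNS data so the example runs offline (hypothetical names).
SAMPLE_DNS = {
    "cdn.example": ["1.2.3.4"],                 # public address
    "localhost": ["127.0.0.1"],                 # loopback
    "intranet.example": ["10.0.0.5"],           # RFC 1918 private
    "rebind.example": ["1.2.3.4", "10.0.0.5"],  # mixed public/private answers
}


def sample_resolver(host: str) -> list[str]:
    """Offline stand-in for system_resolver backed by SAMPLE_DNS."""
    return SAMPLE_DNS.get(host, [])


def naive_check(url: str) -> bool:
    """The kind of check that is NOT enough: any http(s) URL passes,
    including ones pointing at loopback or internal address space."""
    return url.startswith(("http://", "https://"))


def is_public_address(ip: str) -> bool:
    """True only for addresses outside loopback, private, link-local,
    multicast, reserved and unspecified ranges."""
    addr = ipaddress.ip_address(ip)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 range checks apply.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (
        addr.is_private
        or addr.is_loopback
        or addr.is_link_local
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified
    )


def check_outbound_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Validate a user-supplied URL before the server fetches it.

    Returns the first public IP the host resolves to (so the caller can
    connect to exactly that address), or raises ValueError.
    """
    parts = urlsplit(url)  # urlsplit lowercases the scheme for us
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    if parts.username is not None or parts.password is not None:
        # user@host forms are a common way to confuse host parsing; refuse them.
        raise ValueError("credentials in URL are not allowed")
    try:
        candidates = [str(ipaddress.ip_address(host))]  # IP literal: no DNS lookup
    except ValueError:
        candidates = list(resolver(host))
    if not candidates:
        raise ValueError(f"{host!r} did not resolve")
    # Every answer must be public: a single internal address among several is
    # enough to reach an internal service, so the whole host is refused.
    for ip in candidates:
        if not is_public_address(ip):
            raise ValueError(f"{host!r} resolves to non-public address {ip}")
    return candidates[0]


def is_allowed(url: str, resolver: Resolver = system_resolver) -> bool:
    """Boolean wrapper around check_outbound_url for policy decisions."""
    try:
        check_outbound_url(url, resolver)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for u in ("https://cdn.example/a.png", "http://localhost:8000/",
              "http://169.254.169.254/", "file:///etc/passwd"):
        print(u, "naive:", naive_check(u), "hardened:", is_allowed(u, sample_resolver))
```

Two caveats a practitioner should keep in mind when using a check like this: the name is resolved once, so the connection must be made to the returned address (or the resolver result otherwise pinned) rather than re-resolved by the HTTP client, because an answer that changes between check and connect would get past it; and any redirect the fetched host returns has to be re-validated with the same function, since a public host can redirect the client to an internal address. Network egress policy on the host, denying the application's outbound traffic to internal ranges, is the defence-in-depth layer behind both.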

References

  • github.com/advisories/GHSA-527m-2xhr-j27g
  • github.com/hiyouga/LLaMA-Factory
  • github.com/hiyouga/LLaMA-Factory/commit/95b7188090a1018935c9dc072bfc97f24f1c96e9
  • github.com/hiyouga/LLaMA-Factory/security/advisories/GHSA-527m-2xhr-j27g
  • nvd.nist.gov/vuln/detail/CVE-2025-61784

Affected versions

All versions up to 0.9.3

Solution

Unfortunately, there is no solution available yet.

Impact

7.6 HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Weakness

  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • CWE-918: Server-Side Request Forgery (SSRF)

Source file

pypi/llamafactory/CVE-2025-61784.yml

Page generated Sat, 11 Oct 2025 12:19:04 +0000.