PT-2026-2183 · Librechat · Librechat
Retpoline · Published 2026-01-10 · Updated 2026-04-24
CVE-2026-22252 · CVSS v3.1 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LibreChat versions prior to 0.8.2-rc2
Description: LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.2-rc2, the MCP (Model Context Protocol) stdio transport does not validate the command it is asked to launch, so any authenticated user can have an arbitrary shell command executed as root inside the container with a single API request. The result is remote code execution as root inside the container; the CVSS vector reflects that only a low-privilege account (PR:L) and no user interaction are required. The affected component is the MCP stdio transport. The advisory does not name the specific vulnerable parameter.
Recommendations: Update LibreChat to version 0.8.2-rc2 or later. Until the upgrade is applied, every account that can reach the API should be treated as able to execute commands inside the container.

Exploit · Fix · RCE · Improper Authorization

Weakness Enumeration

Related Identifiers

CVE-2026-22252
GHSA-CXHJ-J78R-P88F

Affected Products

Librechat