PT-2026-2183 · Librechat · Librechat

Retpoline · Published 2026-01-10 · Updated 2026-01-12 · CVE-2026-22252

CVSS v3.1: 9.1
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LibreChat versions prior to 0.8.2-rc2
Description: LibreChat’s MCP stdio transport does not validate commands, allowing authenticated users to execute shell commands as root inside the container through a single API request. The vulnerable component is the MCP stdio transport. The API endpoint used for exploitation is not specified. The variable `command` is likely involved in the execution of arbitrary shell commands.
Recommendations: Update to version 0.8.2-rc2 or later.

Fix · RCE · Improper Authorization

Weakness Enumeration

Related Identifiers: CVE-2026-22252

Affected Products: Librechat