Vulnerability Details CVE-2026-22252
LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fixed in v0.8.2-rc2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.4%
CVSS Severity
CVSS v3 Score 9.1
References