top of page
perceptive_background_267k.jpg

LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allow…

Published:

11 January 2026 at 23:00:00

Alert date:

12 January 2026 at 21:02:40

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

LibreChat, a ChatGPT clone application, contains a critical vulnerability in versions prior to v0.8.2-rc2. The vulnerability exists in the MCP stdio transport component which accepts arbitrary commands without proper validation. Any authenticated user can exploit this flaw to execute shell commands with root privileges inside the container through a single API request. This represents a severe privilege escalation vulnerability that allows complete compromise of the containerized application. The issue has been patched in version v0.8.2-rc2.

Technical details

Mitigation steps:

Affected products:

LibreChat

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-22252
https://github.com/danny-avila/LibreChat/commit/211b39f3113d4e6ecab84be0a83f4e9c9dea127f
https://github.com/danny-avila/LibreChat/security/advisories/GHSA-cxhj-j78r-p88f

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page