{"data":{"id":"012a114d-7f2a-478c-ab1c-ec9b7843100c","title":"CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi","summary":"LibreChat, a ChatGPT clone with extra features, has a vulnerability in versions before v0.8.2-rc2: its MCP stdio transport (a communication method for connecting components) accepts commands without checking whether they are safe, so any logged-in user can run shell commands as root inside a container with just one API request. This is a serious authorization flaw (CWE-285) because being logged in is the only requirement; no further permission check stands between the request and command execution.","solution":"Update to v0.8.2-rc2 or later. According to the source, 'This vulnerability is fixed in v0.8.2-rc2.'","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-22252","publishedAt":"2026-01-13T00:16:03.200Z","cveId":"CVE-2026-22252","cweIds":["CWE-285"],"cvssScore":"9.1","cvssSeverity":"critical","severity":"critical","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["LibreChat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00049,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}