{"data":{"id":"b3a9b9d7-5a1f-4687-9b83-be0e1e75120b","title":"CVE-2026-31951: LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model ","summary":"LibreChat versions 0.8.2-rc1 through 0.8.3-rc1 have a vulnerability where user-created MCP (Model Context Protocol, a system for connecting AI models to external tools) servers can steal OAuth tokens (security credentials used for authentication). An attacker can create a malicious MCP server with special headers that trick LibreChat into substituting sensitive tokens, which are then leaked when victims use tools on that server.","solution":"Update to version 0.8.3-rc2, which fixes the issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-31951","publishedAt":"2026-03-27T20:16:30.397Z","cveId":"CVE-2026-31951","cweIds":["CWE-200"],"cvssScore":"6.8","cvssSeverity":"medium","severity":"medium","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["LibreChat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"low","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-03-27T20:16:30.397Z","capecIds":["CAPEC-116"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}