CVE Catalog

CVE-2026-54030

HighCVSS 8.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

A vulnerability in LibreChat before version 0.8.5 allows a malicious MCP server to steal access tokens intended for a legitimate server. The MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL.

Risk Assessment

An attacker can intercept access tokens, leading to unauthorized access to protected resources and potential leakage of sensitive data.

Recommendation

Upgrade LibreChat to version 0.8.5 or later immediately, which includes a fix for this vulnerability.

Original NVD description (English source)

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL, allowing a malicious MCP server to steal access tokens intended for a legitimate server. This vulnerability is fixed in 0.8.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS