TopVuln

High-risk vulnerability digests

CVE-2026-22252

  • CRITICAL

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Details

CVSS v3: 9.1
NVD published: 2026-01-12 19:16:03
EPSS: <0.1% probability, 17.6th percentile (as of 2026-04-19)
Affected versions: cpe:2.3:a:librechat:librechat:0.8.2:rc1:*:*:*:*:*:*
Summary: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fixed in v0.8.2-rc2.
Remediation: Not available in our cache.
Exploit info: https://github.com/danny-avila/LibreChat/security/advisories/GHSA-cxhj-j78r-p88f


TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.


Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.