CVE-2026-54030

LibreChat: Missing Resource Parameter Validation in MCP OAuth Flow

CVSS 8 (High) · EPSS 0.1% · CWE-346
Vexday Risk Score: 21 (Low)
SSVC decision (CISA): Track. No exploitation signal → monitor.
KEV: no · PoC · Nuclei · Metasploit · Patch
Lifecycle
25 Jun 2026: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL, allowing a malicious MCP server to steal access tokens intended for a legitimate server. This vulnerability is fixed in 0.8.5.
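The missing check described above, as an added illustration that is not LibreChat's own code: an MCP client fetches the OAuth Protected Resource metadata (RFC 9728) from the server it was configured with, and must refuse metadata whose `resource` value names a different server, otherwise a hostile server can make the client obtain a token scoped to a legitimate server and then hand it over. The function names, the constructed metadata documents and the normalisation rules (case-insensitive scheme and host, default port folding, one trailing slash ignored) are assumptions for this example.

```python
from urllib.parse import urlsplit


class ResourceMismatch(Exception):
    """Raised when protected-resource metadata does not describe the configured server."""


def normalize_resource(url: str) -> str:
    """Canonicalise a resource identifier before comparison (assumed rules):
    lowercase scheme and host, drop an explicit default port, drop a single
    trailing slash, keep path and query, discard any fragment (RFC 8707 forbids one)."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    default_port = {"https": 443, "http": 80}.get(scheme)
    port = parts.port  # None when no explicit port was given
    netloc = host if port in (None, default_port) else f"{host}:{port}"
    path = parts.path[:-1] if parts.path.endswith("/") else parts.path
    query = f"?{parts.query}" if parts.query else ""
    return f"{scheme}://{netloc}{path}{query}"


def validate_protected_resource_metadata(configured_server_url: str, metadata: dict) -> str:
    """Return the metadata's resource identifier only if it matches the server the
    client was configured to talk to; any token later requested with this resource
    indicator is then scoped to that server and to no other."""
    resource = metadata.get("resource")
    if not isinstance(resource, str) or not resource:
        raise ResourceMismatch("protected-resource metadata has no usable 'resource' value")
    if normalize_resource(resource) != normalize_resource(configured_server_url):
        raise ResourceMismatch(
            f"metadata resource {resource!r} does not match configured server {configured_server_url!r}"
        )
    return resource


def metadata_is_trustworthy(configured_server_url: str, metadata: dict) -> bool:
    """Boolean convenience wrapper around the validation above."""
    try:
        validate_protected_resource_metadata(configured_server_url, metadata)
        return True
    except ResourceMismatch:
        return False


# Constructed sample documents; the hostnames are placeholders, not real servers.
CONFIGURED_MCP_URL = "https://mcp.example.com/mcp"
BENIGN_METADATA = {"resource": "https://MCP.example.com:443/mcp/",
                   "authorization_servers": ["https://auth.example.com"]}
# A hostile server returning a resource value that names some other, legitimate server.
MALICIOUS_METADATA = {"resource": "https://legit-mcp.example.org/mcp",
                      "authorization_servers": ["https://auth.example.org"]}
```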
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Affected products
danny-avila · LibreChat
