LibreChat: Missing Resource Parameter Validation in MCP OAuth Flow

8 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Description

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL, allowing a malicious MCP server to steal access tokens intended for a legitimate server. This vulnerability is fixed in 0.8.5.

Basic Information

ID CVE-2026-54030

Source GitHub_M

Published Jun 25, 2026 at 15:48

Affected Product

Vendor danny-avila

Product LibreChat

Version < 0.8.5

Affected Versions danny-avila LibreChat < 0.8.5

CWE Classification

CWE-346

References

github.com /danny-avila/LibreChat/security/advisories/GHSA-gvpj-vm2f-2m23

{
    "lastseen": "",
    "description": "LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL, allowing a malicious MCP server to steal access tokens intended for a legitimate server. This vulnerability is fixed in 0.8.5.",
    "published": "2026-06-25T15:48:00.480Z",
    "modified": "2026-06-25T15:48:00.480Z",
    "type": "cve",
    "title": "LibreChat: Missing Resource Parameter Validation in MCP OAuth Flow",
    "source": "GitHub_M",
    "references": "https://github.com/danny-avila/LibreChat/security/advisories/GHSA-gvpj-vm2f-2m23",
    "id": "CVE-2026-54030",
    "bulletinFamily": "",
    "cwe": [
        "CWE-346"
    ],
    "cvelist": null,
    "sourceData": "danny-avila LibreChat < 0.8.5",
    "sourceHref": "",
    "cvss": {
        "score": 8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "LibreChat",
    "version": "< 0.8.5",
    "vendor": "danny-avila",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

LibreChat: Missing Resource Parameter Validation in MCP OAuth Flow_CVE-2026-54030