2026-01-12 18:01:48
GitHub_M
PUBLISHED
LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChats MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fixed in v0.8.2-rc2.