What is the severity of CVE-2026-22252?

CVE-2026-22252 has a CVSS v3 score of 9.9, which is classified as Critical severity.

Is there an exploit available for CVE-2026-22252?

No known public exploits are currently available for CVE-2026-22252.

Is there a patch available for CVE-2026-22252?

Yes, patches are available for CVE-2026-22252. Check the vendor advisories for update instructions.

CVE-2026-22252 - CVE Details, Severity, and Analysis

CVE-2026-22252 - CVE Details, Severity, and Analysis | Strobes VI

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Librechat	Librechat

Advisories

NVD: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fixed in v0.8.2-rc2.