PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-54030 danny-avila CVE debrief

CVE-2026-54030 is a high-severity vulnerability in LibreChat, an enhanced ChatGPT clone. The issue lies in the MCP OAuth implementation, which fails to validate the resource parameter from OAuth Protected Resource metadata. This oversight enables a malicious MCP server to steal access tokens intended for a legitimate server. The vulnerability was publicly disclosed on June 25, 2026, and was fixed in LibreChat version 0.8.5 on June 29, 2026. The CVSS score for this vulnerability is 8, indicating a high level of severity. Users of LibreChat should ensure they are running version 0.8.5 or later to mitigate this vulnerability.

Vendor: danny-avila
Product: LibreChat
CVSS: HIGH 8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-25
Original CVE updated: 2026-06-29
Advisory published: 2026-06-25
Advisory updated: 2026-06-29

Who should care

Developers and administrators using LibreChat, especially those who have integrated MCP OAuth functionality, should be aware of this vulnerability. They should verify their current version and update to 0.8.5 or later if necessary. Additionally, users of LibreChat should be cautious when interacting with MCP servers, as a malicious server could potentially steal access tokens.

Technical summary

LibreChat's MCP OAuth implementation did not validate the resource parameter carried in the OAuth Protected Resource metadata returned by an MCP server, so a malicious MCP server could obtain access tokens that were intended for a legitimate server. The issue was introduced in an earlier version of LibreChat and was fixed in version 0.8.5. The CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N (network attack vector, high attack complexity, no privileges required, user interaction required, changed scope, high confidentiality and integrity impact, no availability impact), which yields a high severity rating. The associated weakness is CWE-346 (Origin Validation Error).
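The check that closes this class of issue, written here as an added example rather than LibreChat's own code: before an MCP client requests a token, the `resource` in the server's OAuth Protected Resource metadata (RFC 9728) is compared with the server URL the client actually connected to, so a server cannot name another server's identifier and be handed a token minted for it. The function names, the choice to compare WHATWG-normalised URLs, and all sample URLs and metadata objects are assumptions constructed for the example.

```javascript
// Added defensive example, not LibreChat's own code: check the `resource` field of an
// MCP server's OAuth Protected Resource metadata (RFC 9728) against the server URL the
// client actually connected to, before requesting any token for it. All URLs and
// metadata objects below are constructed sample data.

class ResourceMismatchError extends Error {}

// RFC 9728 section 2: a resource identifier is an absolute https URL with no fragment.
// Returns a parsed URL, or null when the value does not qualify.
function parseResourceIdentifier(value) {
  let u;
  try { u = new URL(value); } catch { return null; }
  if (u.protocol !== 'https:' || u.hash !== '') return null;
  return u;
}

// RFC 9728 section 3.3: the metadata's `resource` must be identical to the identifier
// the client fetched the well-known document for. Comparing the WHATWG-normalised href
// (lower-cased host, default port dropped) is an assumption about how strict to be;
// anything looser than an exact match is where a token could be issued for the wrong server.
function validateProtectedResourceMetadata(connectedServerUrl, metadata) {
  const expected = parseResourceIdentifier(connectedServerUrl);
  if (!expected) throw new ResourceMismatchError(`invalid MCP server URL: ${connectedServerUrl}`);
  if (typeof metadata.resource !== 'string') throw new ResourceMismatchError('metadata has no resource field');
  const claimed = parseResourceIdentifier(metadata.resource);
  if (!claimed) throw new ResourceMismatchError(`malformed resource identifier: ${metadata.resource}`);
  if (claimed.href !== expected.href) {
    throw new ResourceMismatchError(`resource mismatch: metadata says ${claimed.href}, connected to ${expected.href}`);
  }
  // Only the identifier the client itself derived is passed on as the RFC 8707
  // `resource` parameter of the authorization and token requests.
  return { resource: expected.href, authorizationServers: metadata.authorization_servers ?? [] };
}

// Convenience wrapper for callers that only need a yes/no answer.
function isMetadataTrusted(connectedServerUrl, metadata) {
  try { validateProtectedResourceMetadata(connectedServerUrl, metadata); return true; }
  catch (e) { if (e instanceof ResourceMismatchError) return false; throw e; }
}

// Constructed samples: an honest server, and one whose metadata names a different
// server's identifier so that a token minted for that identifier would be handed to it.
const CONNECTED_SERVER = 'https://mcp.example.com/mcp';
const HONEST_METADATA = { resource: 'https://mcp.example.com/mcp', authorization_servers: ['https://auth.example.com'] };
const SPOOFED_METADATA = { resource: 'https://other-mcp.example.org/mcp', authorization_servers: ['https://auth.example.org'] };
```

A rejected metadata document should be logged with both URLs, since a mismatch between the connected server and the claimed resource is exactly the event worth alerting on while instances are still being updated.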

Defensive priority

High priority should be given to updating LibreChat to version 0.8.5 or later. In the meantime, defenders should monitor for suspicious activity related to MCP OAuth interactions and consider implementing additional security measures to protect access tokens.

Recommended defensive actions

  • Update LibreChat to version 0.8.5 or later
  • Monitor for suspicious activity related to MCP OAuth interactions
  • Implement additional security measures to protect access tokens
  • Review and update MCP server configurations to prevent malicious activity
  • Consider implementing compensating controls to mitigate the vulnerability

Evidence notes

The CVE record and NVD detail provide information on the vulnerability and its impact. The source item URL provides additional context on the vulnerability and its mitigation. The mitigation or vendor reference provides guidance on updating to version 0.8.5 or later.

Official resources

This article was generated with AI assistance based on the supplied source corpus.