
OAuth token hijacking (AI agent context)

OAuth is the standard authorization framework that lets AI tools ask for permission to access external services (email, GitHub, etc.) on a user's behalf. OAuth token hijacking occurs when a malicious component — such as a rogue AI tool integration — tricks the authorization flow into handing the attacker the access token, giving them the same permissions as the legitimate AI tool for all connected services.

As AI platforms connect to more business services via OAuth, a single stolen token can grant an attacker access to all of them simultaneously — email, code repositories, file storage — without any visible login event. LibreChat's MCP integration was found to have exactly this flaw.
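One common mitigation, shown as an added example (not from the original page and not LibreChat's code): the platform binds every OAuth authorization to the user session, tool integration and redirect URI that started it, and rejects any callback that does not match before a code is exchanged for a token. All function names, identifiers and URLs here are hypothetical, and the in-memory store stands in for real session storage.

```python
import base64
import hashlib
import hmac
import secrets

# Hypothetical in-memory store: state value -> pending authorization record.
PENDING = {}


def begin_authorization(session_id, integration_id, redirect_uri):
    """Start a flow; return (state, code_challenge) for the authorization request."""
    state = secrets.token_urlsafe(32)
    verifier = secrets.token_urlsafe(64)  # PKCE code_verifier, 86 characters
    digest = hashlib.sha256(verifier.encode()).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode()  # S256
    PENDING[state] = {
        "session": session_id,
        "integration": integration_id,
        "redirect_uri": redirect_uri,
        "verifier": verifier,
    }
    return state, challenge


def accept_callback(session_id, integration_id, redirect_uri, state):
    """Return the PKCE verifier for the token exchange, or None to reject."""
    # pop() makes the state single use: a replayed callback finds nothing.
    record = PENDING.pop(state, None)
    if record is None:
        return None
    expected = (record["session"], record["integration"], record["redirect_uri"])
    received = (session_id, integration_id, redirect_uri)
    for want, have in zip(expected, received):
        # Exact, constant-time match: no prefix or wildcard redirect URIs.
        if not hmac.compare_digest(want.encode(), have.encode()):
            return None
    return record["verifier"]


if __name__ == "__main__":
    # Constructed sample values.
    uri = "https://agent.example/oauth/callback/github-mcp"
    st, _ = begin_authorization("sess-alice", "github-mcp", uri)
    print("rogue integration:", accept_callback("sess-alice", "rogue-tool", uri, st))
    st, _ = begin_authorization("sess-alice", "github-mcp", uri)
    print("legitimate flow ok:", accept_callback("sess-alice", "github-mcp", uri, st) is not None)
```

Because the verifier is only released to the flow that created it, a component that intercepts the authorization code still cannot redeem it at a token endpoint that enforces PKCE.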
References
OWASP LLM Top 10 — LLM06:2025 Excessive Agency