Lucene search
+L

2887 matches found

Cvelist
Cvelist
added 2 hours ago6 views

CVE-2026-15415 Path traversal and arbitrary file write in the workflow linters of aws-healthomics-mcp-server

AWS HealthOmics is a HIPAA-eligible service that fully manages the compute, storage, and workflow engine infrastructure required to run bioinformatics analyses at scale for clinical diagnostics, drug discovery, and agricultural research. Improper limitation of a pathname to a restricted directory...

6.8CVSS
Exploits0References3
Cvelist
Cvelist
added 2 hours ago9 views

CVE-2026-7755 MCP Server Configuration Validator Bypass via File Upload API

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow remote code execution due to incomplete validation enforcement on MCP server configuration files...

8.8CVSS
Exploits0References1
CVE
CVE
added 2 hours ago17 views

CVE-2026-7755

The IBM Security Bulletin confirms CVE-2026-7755 affects Langflow OSS versions 1.0.0–1.10.0, where the File Manager API may bypass MCP server configuration validation during file uploads. A maliciously crafted MCP configuration file (e.g., mcp_servers .json) could be uploaded via upload_user_file...

8.8CVSS6.3AI score
Exploits0References1
NVD
NVD
added 2 hours ago3 views

CVE-2026-58195

Agentic-Flow is an AI agent orchestration platform. Prior to 2.0.14, agentic-flow MCP server tools in src/mcp/standalone-stdio.ts, src/mcp/fastmcp/servers/claude-flow-sdk.ts, src/mcp/fastmcp/servers/stdio-full.ts, src/mcp/fastmcp/servers/http-streaming-updated.ts,...

8.8CVSS
Exploits0References7
Github Security Blog
Github Security Blog
added 3 hours ago3 views

meta-ads-mcp: X-Pipeboard-Token Header Auth Bypass Reuses Operator Meta Token

X-Pipeboard-Token Header Auth Bypass Reuses Operator Meta Token Summary AuthInjectionMiddleware in meta-ads-mcp rejects HTTP MCP requests only when both authtoken and pipeboardtoken are absent. Because extracttokenfromheaders does not recognise the X-Pipeboard-Token header, an attacker who sends...

5.7AI score
Exploits0References3Affected Software1
Cvelist
Cvelist
added 3 hours ago9 views

CVE-2026-58195 Agentic-Flow: OS Command Injection in agentic-flow MCP server tools via unsanitized tool-parameter interpolation into execSync

Agentic-Flow is an AI agent orchestration platform. Prior to 2.0.14, agentic-flow MCP server tools in src/mcp/standalone-stdio.ts, src/mcp/fastmcp/servers/claude-flow-sdk.ts, src/mcp/fastmcp/servers/stdio-full.ts, src/mcp/fastmcp/servers/http-streaming-updated.ts,...

8.8CVSS
Exploits0References7
CVE
CVE
added 3 hours ago2 views

CVE-2026-58195

Agentic-Flow (MCP server tools) prior to version 2.0.14 is vulnerable to OS command injection. In affected code paths, tool parameters such as agent, task, name, language, and agentdb could be interpolated directly into shell command strings passed to execSync(), enabling arbitrary command execut...

8.8CVSS5.9AI score
Exploits0References7
Cvelist
Cvelist
added 5 hours ago9 views

CVE-2026-57860 ForgeCode Arbitrary Code Execution via Unvetted .mcp.json in Untrusted Repository

ForgeCode tailcallhq/forgecode, an AI pair-programming CLI, automatically loads and executes the MCP servers defined in a repository's .mcp.json file on startup without user confirmation. A malicious repository can supply a crafted .mcp.json whose mcpServers entries specify arbitrary command and...

8.4CVSS
Exploits0References5
Vulnrichment
Vulnrichment
added 5 hours ago4 views

CVE-2026-57860 ForgeCode Arbitrary Code Execution via Unvetted .mcp.json in Untrusted Repository

ForgeCode tailcallhq/forgecode, an AI pair-programming CLI, automatically loads and executes the MCP servers defined in a repository's .mcp.json file on startup without user confirmation. A malicious repository can supply a crafted .mcp.json whose mcpServers entries specify arbitrary command and...

8.4CVSS5.9AI score
Exploits0References5
CVE
CVE
added 5 hours ago6 views

CVE-2026-57860

Technical details about CVE-2026-57860 are not publicly available in the provided documents. Monitor for updates.

8.4CVSS5.9AI score
Exploits0References5
EUVD
EUVD
added 5 hours ago4 views

EUVD-2026-45217

ForgeCode tailcallhq/forgecode, an AI pair-programming CLI, automatically loads and executes the MCP servers defined in a repository's .mcp.json file on startup without user confirmation. A malicious repository can supply a crafted .mcp.json whose mcpServers entries specify arbitrary command and...

8.4CVSS5.8AI score
Exploits0References5
Nuclei
Nuclei
added 17 hours ago14 views

mcp-atlassian < 0.17.0 - Server-Side Request Forgery

MCP Atlassian 0.17.0 contains a server-side request forgery caused by improper validation of custom HTTP headers in the HTTP middleware, letting unauthenticated attackers force outbound requests to arbitrary URLs, exploit requires access to the mcp-atlassian HTTP endpoint. id: CVE-2026-27826 info...

9CVSS5.7AI score0.14958EPSS
Exploits2References4
Nuclei
Nuclei
added 17 hours ago4 views

9Router <= 0.4.36 - Unauthenticated RCE

9Router = 0.4.36 middleware only guards 8 explicitly listed routes, leaving /api/cli-tools/ and /api/mcp/ entirely unauthenticated. An attacker can POST to /api/cli-tools/cowork-settings to register a custom MCP plugin with attacker-controlled command and args stored verbatim into globalThis, the...

10CVSS5.8AI score0.04572EPSS
Exploits0References2
Nuclei
Nuclei
added 17 hours ago30 views

MCP Inspector < 0.14.0 UnauthenticatedRemote Code Execution

The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. id...

9.4CVSS9.6AI score0.38532EPSS
Exploits0References5
NVD
NVD
added 19 hours ago5 views

CVE-2026-62208

OpenClaw before 2026.6.5 could forward Authorization headers during MCP SSE redirects. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization. Impact depends on the operator's...

6.5CVSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-44970

dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serialized every MCP tool call's complete arguments dictionary and sent it through dbtlabsvortex.producer.logproto without redaction,...

3.1CVSS0.00042EPSS
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-46341

The Apify MCP server enables AI agents to extract data from websites using ready-made scrapers, crawlers, and automation tools available on the Apify Store. Prior to 0.9.21, the fetch-apify-docs tool in src/tools/common/fetchapifydocs.ts validates allowlisted documentation domains with...

6.1CVSS0.00045EPSS
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-44969

dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DbtMCP.calltool in src/dbtmcp/mcp/server.py logged the raw arguments dictionary at INFO level before each tool call and at ERROR level on exceptions, and configurefilelogging wrote those records to dbt-mcp.log...

2.5CVSS0.00012EPSS
Exploits0References4
CVE
CVE
added yesterday13 views

CVE-2026-44969

dbt-mcp: CVE-2026-44969 involves logging of complete tool call arguments (including sql_query, vars, and node_selection) in plaintext when DBT_MCP_SERVER_FILE_LOGGING is enabled. The issue is present in earlier versions (e.g., v1.15.x) and fixed in v1.17.1. Connected sources confirm that argument...

2.5CVSS6.1AI score0.00012EPSS
Exploits0References4
Cvelist
Cvelist
added yesterday36 views

CVE-2026-44969 dbt-mcp: Tool Arguments Including SQL Queries and Credentials Logged in Plaintext Without Redaction When File Logging Is Enabled

dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DbtMCP.calltool in src/dbtmcp/mcp/server.py logged the raw arguments dictionary at INFO level before each tool call and at ERROR level on exceptions, and configurefilelogging wrote those records to dbt-mcp.log...

2.5CVSS0.00012EPSS
Exploits0References4
Rows per page
Query Builder