15 matches found
MCP Server with OpenAI, Git, Filesystem, and Prometheus Integration Injection Vulnerability
MCP Server with OpenAI, Git, Filesystem, and Prometheus Integration is an integrated model control plane server developed by DVladimirov, which integrates OpenAI, Git, a file system, and Prometheus. Versions of MCP Server with OpenAI, Git, Filesystem, and Prometheus Integration prior to 0.1.0 hav...
Docker MCP Server OS Command Injection Vulnerability
Docker MCP Server is an MCP protocol server developed by Suvarchal Kumar Cheedela for Docker operations. Versions of Docker MCP Server prior to 0.1.0 have a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on the functions...
pipeshub-ai Code Issue Vulnerability
pipeshub-ai is an enterprise automation platform open-sourced by PipesHub AI - The Open Source Alternative to Glean. A code issue vulnerability exists in versions prior to pipeshub-ai 0.1.0-beta, which stems from a lack of authentication and could allow an attacker to remotely overwrite files or...
CVE-2025-59834
ADB MCP Server is an MCP (Model Context Protocol) server for interacting with Android devices through ADB. In versions 0.1.0 and prior, the MCP Server is written in a way that is vulnerable to command injection attacks as part of some of its MCP Server tool definition and implementatio...
octo-sts Security Vulnerability
octo-sts is Chainguard's GitHub security token service, open-sourced by octo-sts. A security vulnerability exists in octo-sts versions prior to 0.1.0, which stems from the fact that an unauthenticated attacker can cause unlimited CPU and memory usage...
PT-2023-32365 · Unknown · Anything-Llm
Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm versions prior to 0.1.0. Description: The issue is related to improper access control in the GitHub repository mintplex-labs/anything-llm. Recommendations: For versions prior to 0.1.0, update to version 0.1.0 or late...
Single Sign On Client Cross-Site Scripting Vulnerability
Single Sign On Client is an open source single sign on client from Decentraland. A cross-site scripting vulnerability exists in Single Sign On Client versions prior to 0.1.0 that originates from improper input validation and allows execution of arbitrary JavaScript...
PT-2023-24221 · Nuajik · Nuajik
Name of the Vulnerable Software and Affected Versions: nuajik plugin versions prior to 0.1.0. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. Recommendations: For nuajik plugin versions prior to 0.1.0, update...
CVE-2023-3188
Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0...
PT-2023-15530 · Secvisogram · Csaf-Validator-Service
Name of the Vulnerable Software and Affected Versions: Secvisogram csaf-validator-service versions prior to 0.1.0. Description: The issue is related to insufficient input validation of requests by an unauthenticated remote user, which might lead to a partial Denial of Service (DoS) of the service...
qwik Cross-Site Scripting Vulnerability
qwik is a micro web framework. A cross-site scripting vulnerability exists in versions prior to qwik 0.1.0-beta5. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...
PT-2023-10129 · Unknown · Sternenseemann Sternenblog
Name of the Vulnerable Software and Affected Versions: sternenseemann sternenblog versions prior to 0.1.0. Description: A problematic issue has been found in sternenseemann sternenblog, affecting the blog index function of the file main.c. The manipulation of the post path argument leads to file...
PT-2022-28221 · Strapi · Strapi-Plugin-Ezforms
Name of the Vulnerable Software and Affected Versions: strapi-plugin-ezforms versions prior to 0.1.0. Description: The issue affects users utilizing any captcha providers. There is no information available about the estimated number of potentially affected devices or real-world incidents where thi...
Flarum Cross-Site Request Forgery Vulnerability
Flarum is an open source forum system. A cross-site request forgery vulnerability exists in Flarum versions prior to 0.1.0-beta.9. The vulnerability stems from a networked system or product that does not adequately validate the origin or authenticity of data, which can be exploited by an attacker...
PT-2018-16140 · Unknown · Simplehttpserver
Name of the Vulnerable Software and Affected Versions: Simplehttpserver versions prior to 0.1.0. Description: The issue arises from a lack of validation of file names, leading to a Cross-Site Scripting vulnerability. An attacker can exploit this by controlling the filename of a file used in the...