98 matches found

NVD
Added 2025/10/28 10:15 p.m., 2 views

CVE-2025-62800

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0 have a reflected cross-site scripting vulnerability in the OAuth client callback page oauth_callback.py, where unescaped user-controlled values are inserted into the generated HTML, allowing arbitrary JavaScri...

CVSS 6.1 | EPSS 0.00059
Exploits: 1 | References: 1
Snyk
Added 2025/10/28 9:46 p.m., 3 views

Cross-site Scripting (XSS)

Overview: fastmcp is the fast, Pythonic way to build MCP servers and clients. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the create_callback_html function. An attacker can execute arbitrary JavaScript in the context of the callback server's origin by supplying...

CVSS 6.1 | AI score 5.5 | EPSS 0.00059
Exploits: 1 | References: 2
vulnersOsv
Added 2025/10/28 9:46 p.m., 1 view

aenvironment (=0.1.7rc1), agentic-ai-engineering-course (>=0.4.6 <=0.4.7) +164 more potentially affected by CVE-2025-62800 via fastmcp (>=2.0.0 <=2.12.5)

fastmcp PYPI version =2.0.0, =0.4.6, =1.8.0, =3.2.0, =3.2.0, =4.2.2, =3.0.2, =0.2.7, =1.0.0rc1, =0.2.7, =1.7.3, =0.1.12, =0.9.30, =0.14.3, =0.18.5 and more. Source cves: CVE-2025-62800. Source advisory: SNYK:PYTHON-FASTMCP-13746462...

CVSS 6.1 | AI score 5.4 | EPSS 0.00059
Exploits: 1
OSV
Added 2025/10/28 9:36 p.m., 2 views

CVE-2025-62801 FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name

FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...

CVSS 5.4 | AI score 7.5 | EPSS 0.00049
Exploits: 1 | References: 3
Cvelist
Added 2025/10/28 9:36 p.m., 6 views

CVE-2025-62801 FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name

FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...

CVSS 5.4 | EPSS 0.00049
Exploits: 1 | References: 1
CVE
Added 2025/10/28 9:36 p.m., 10 views

CVE-2025-62801

CVE-2025-62801 affects FastMCP prior to version 2.13.0, where a command-injection vulnerability exists in how the server_name field is processed during the MCP installer cursor flow on Windows. An attacker who can influence the server_name value can cause arbitrary OS commands to run on Windows h...

CVSS 7.8 | AI score 7 | EPSS 0.00049
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
Added 2025/10/28 9:36 p.m., 1 view

CVE-2025-62801 FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name

FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...

CVSS 5.4 | AI score 7 | EPSS 0.00049
Exploits: 1 | References: 1
Cvelist
Added 2025/10/28 9:34 p.m., 7 views

CVE-2025-62800 FastMCP vulnerable to reflected XSS in client's callback page

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0 have a reflected cross-site scripting vulnerability in the OAuth client callback page oauth_callback.py, where unescaped user-controlled values are inserted into the generated HTML, allowing arbitrary JavaScri...

CVSS 5.3 | EPSS 0.00059
Exploits: 1 | References: 1
OSV
Added 2025/10/28 9:34 p.m., 2 views

CVE-2025-62800 FastMCP vulnerable to reflected XSS in client's callback page

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0 have a reflected cross-site scripting vulnerability in the OAuth client callback page oauth_callback.py, where unescaped user-controlled values are inserted into the generated HTML, allowing arbitrary JavaScri...

CVSS 5.3 | AI score 6.4 | EPSS 0.00059
Exploits: 1 | References: 3
CVE
Added 2025/10/28 9:34 p.m., 13 views

CVE-2025-62800

FastMCP (Python framework for MCP apps) is affected prior to version 2.13.0 by a reflected XSS in the OAuth client callback page (oauth_callback.py). The vulnerability occurs when unescaped user-controlled values are inserted into the generated HTML, enabling arbitrary JavaScript execution in the...

CVSS 6.1 | AI score 6 | EPSS 0.00059
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
Added 2025/10/28 9:34 p.m., 1 view

CVE-2025-62800 FastMCP vulnerable to reflected XSS in client's callback page

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0 have a reflected cross-site scripting vulnerability in the OAuth client callback page oauth_callback.py, where unescaped user-controlled values are inserted into the generated HTML, allowing arbitrary JavaScri...

CVSS 5.3 | AI score 5.9 | EPSS 0.00059
Exploits: 1 | References: 1
Positive Technologies
Added 2025/10/28 12:00 a.m., 4 views

PT-2025-44218

Name of the Vulnerable Software and Affected Versions: FastMCP versions prior to 2.13.0. Description: FastMCP, a framework for building MCP applications, contains a command-injection issue. An attacker who can control the server name field of an MCP can execute arbitrary OS commands on Windows hosts...

CVSS 7.8 | AI score 7.3 | EPSS 0.00049
Exploits: 1 | References: 8
Positive Technologies
Added 2025/10/28 12:00 a.m., 3 views

PT-2025-44217

Name of the Vulnerable Software and Affected Versions: FastMCP versions prior to 2.13.0. Description: FastMCP, a framework for building MCP applications, is affected by a reflected cross-site scripting issue. The problem exists in the OAuth client callback page oauth_callback.py due to the insertion...

CVSS 6.1 | AI score 6.2 | EPSS 0.00059
Exploits: 1 | References: 8
CNNVD
Added 2025/10/28 12:00 a.m., 3 views

FastMCP cross-site scripting vulnerability

FastMCP is an MCP server builder by the individual developer Jeremiah Lowin. A cross-site scripting vulnerability exists in FastMCP versions prior to 2.13.0; it stems from an unescaped user-controlled value on the OAuth client callback page, which could lead to reflected cross-site scripting...

CVSS 6.1 | AI score 5.8 | EPSS 0.00059
Exploits: 1 | References: 2
CNNVD
Added 2025/10/28 12:00 a.m., 1 view

FastMCP operating system command injection vulnerability

FastMCP is an MCP server builder from the individual developer Jeremiah Lowin. An operating system command injection vulnerability exists in FastMCP versions prior to 2.13.0; it stems from the server_name field being susceptible to a command injection attack, which could result in the executio...

CVSS 7.8 | AI score 7.5 | EPSS 0.00049
Exploits: 1 | References: 2
vulnersOsv
Added 2025/08/21 12:30 a.m., 6 views

card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)

@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted: card-ocr-fastmcp =1.0.0. Source cves: CVE-2025-9262. Source advisory: OSV:GHSA-P6RM-483J-37JF...

CVSS 8.1 | AI score 6.1 | EPSS 0.00608
Exploits: 1
vulnersOsv
Added 2025/08/20 11:44 p.m., 3 views

card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)

@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted: card-ocr-fastmcp =1.0.0. Source cves: CVE-2025-9262. Source advisory: SNYK:JS-WONG2MCPCLI-12205740...

CVSS 8.1 | AI score 6.1 | EPSS 0.00608
Exploits: 1
Github Security Blog
Added 2025/07/04 10:06 p.m., 11 views

MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

A validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions and the presence of infrastructure-level resilience measures. Thank y...

CVSS 8.7 | AI score 6.3 | EPSS 0.00195
Exploits: 0 | References: 6 | Affected Software: 1