Lucene search
+L

859 matches found

euvd
euvd
added 2026/06/23 12:13 p.m.25 views

EUVD-2026-38434

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

9.9CVSS6.2AI score0.02683EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/06/23 8:0 a.m.10 views

CVE-2026-12774

A flaw was found in BerriAI litellm. A remote attacker could exploit a Server-Side Request Forgery SSRF vulnerability in the MCP Server Connection Testing component. This flaw, specifically within the executewithmcpclient function, allows an attacker to trick the server into making unauthorized...

6.5CVSS6.5AI score0.00262EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2026/06/23 12:0 a.m.16 views

PT-2026-51592

Name of the Vulnerable Software and Affected Versions foreman-mcp-server affected versions not specified Description Two distinct logging mechanisms in the software can expose sensitive session and authentication data. One mechanism logs session identifiers, which function as authentication...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/23 12:0 a.m.13 views

PT-2026-51588

Name of the Vulnerable Software and Affected Versions foreman-mcp-server affected versions not specified Red Hat Satellite affected versions not specified Description A session management issue in the MCP Server allows unauthenticated attackers to hijack active administrative sessions. This occur...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References11
snyk
snyk
added 2026/06/22 9:20 a.m.11 views

SQL Injection

Overview doris-mcp-server is an Enterprise-grade Model Context Protocol MCP server implementation for Apache Doris Affected versions of this package are vulnerable to SQL Injection via the metadata query path. An attacker can gain unauthorized access to metadata outside the intended database scop...

8.1CVSS6AI score0.00375EPSS
Exploits0References2
cve
cve
added 2026/06/21 9:30 a.m.27 views

CVE-2026-12798

CVE-2026-12798 affects BerriAI litellm up to 1.82.2, specifically the MCP OpenAPI Spec Loader’s load_openapi_spec_async function. The root cause is manipulation of the spec_path argument allowing server-side request forgery, which can be triggered remotely. The description notes that the exploit ...

6.5CVSS6.2AI score0.00262EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2026/06/21 9:30 a.m.39 views

CVE-2026-12798 BerriAI litellm MCP OpenAPI Spec Loader openapi_to_mcp_generator.py load_openapi_spec_async server-side request forgery

A weakness has been identified in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function loadopenapispecasync of the file litellm/proxy/experimental/mcpserver/openapitomcpgenerator.py of the component MCP OpenAPI Spec Loader. This manipulation of the argument specpath causes...

6.5CVSS0.00262EPSS
Exploits1References5
nvd
nvd
added 2026/06/21 4:16 a.m.10 views

CVE-2026-12774

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

6.5CVSS0.00262EPSS
Exploits1References5
attackerkb
attackerkb
added 2026/06/21 3:45 a.m.9 views

CVE-2026-12774

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

6.5CVSS6AI score0.00262EPSS
Exploits1References5Affected Software1
euvd
euvd
added 2026/06/21 3:45 a.m.11 views

EUVD-2026-38140

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

6.5CVSS6AI score0.00262EPSS
Exploits1References5
osv
osv
added 2026/06/21 3:45 a.m.3 views

CVE-2026-12774 BerriAI litellm MCP Server Connection Testing rest_endpoints.py _execute_with_mcp_client server-side request forgery

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

5.3CVSS5.9AI score0.00262EPSS
Exploits1References7
cvelist
cvelist
added 2026/06/21 3:45 a.m.39 views

CVE-2026-12774 BerriAI litellm MCP Server Connection Testing rest_endpoints.py _execute_with_mcp_client server-side request forgery

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

6.5CVSS0.00262EPSS
Exploits1References5
rapid7blog
rapid7blog
added 2026/06/19 5:8 p.m.12 views

Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

This week's release includes five new modules, including a full unauthenticated RCE chain for Paperclip AI and a VS Code extension persistence technique. On the post-exploitation side, the new windows/local/ntlmrelay2self module coerces the local machine account to authenticate via...

10CVSS6.8AI score0.01972EPSS
Exploits13
attackerkb
attackerkb
added 2026/06/18 9:1 p.m.18 views

CVE-2026-49257

mcp-pinot is a Python-based Model Context Protocol MCP server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 with no authentication enabled. All MCP tools, including SQL query execution, schema creation, and...

10CVSS5.6AI score0.00498EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/06/18 1:52 p.m.4 views

GHSA-VMF9-XX9W-86WX PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools

PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools Summary praisonaiagents.mcp.ToolsMCPServer.runsse builds a Starlette MCP HTTP+SSE server around mcp.server.sse.SseServerTransport. The server exposes /sse and /messages/, but it does not valida...

8.3CVSS5.6AI score
Exploits0References2
osv
osv
added 2026/06/17 7:42 p.m.2 views

CVE-2026-48814 Network-AI: Empty default secret still authorizes all requests (Incomplete fix for CVE-2026-46701)

Network-AI is a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the MCP SSE server allows unauthenticated cross-origin MCP tool invocation due to an empty default secret. This issue was partially addressed by CVE-2026-46701 in version 5.4.5 by closing the CORS flaw wit...

9.1CVSS6AI score0.00297EPSS
Exploits0References5
ossf
ossf
added 2026/06/16 12:5 a.m.14 views

Malicious code in sp-api-dev-assistant-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b5b59005300a7a8612a3bf36d3707df573ac722e94e52a3854844345d63745 Package contains only package.json and README.md, with the README explicitly stating it is a proof-of-concept squatting an unclaimed npm name that wa...

6.3AI score
Exploits0References2
nvd
nvd
added 2026/06/11 7:16 p.m.11 views

CVE-2026-47250

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectlgeneric tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes...

6.1CVSS0.00267EPSS
Exploits0References2
nvd
nvd
added 2026/06/11 7:16 p.m.10 views

CVE-2026-46519

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.6.0, mcp-server-kubernetes exposes three environment variables ALLOWONLYREADONLYTOOLS, ALLOWONLYNONDESTRUCTIVETOOLS, ALLOWEDTOOLS documented as access controls for restricting which...

8.8CVSS0.00376EPSS
Exploits0References2
euvd
euvd
added 2026/06/11 6:35 p.m.10 views

EUVD-2026-36287

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectlgeneric tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes...

6.1CVSS5.3AI score0.00267EPSS
Exploits0References2
Rows per page
Query Builder