PT-2026-47086

Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not verify the file's ownership. Details The MCP readAttachment tool accepts...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the chat.send route. An attacker can perform unauthorized privileged actions by leveraging inherited external routes to bypass required scope checks, enabling...

CVE-2026-5382

An issue that could expose records outside of the authorized organization scope through the MCP endpoints has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N 3.0 Low. This issue was fixed in...

(0Day) Microsoft Azure MCP AzureCliService Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the azure-cli-mcp component. The issue results from the lack of proper validation of a...

EUVD-2025-208759

FastMCP OAuth Proxy token reuse across MCP servers...

PT-2025-40609

Name of the Vulnerable Software and Affected Versions win-cli-mcp-server affected versions not specified Description The software contains a command injection flaw within the resolveCommandPath function. This allows for remote code execution. The issue was discovered by Peter Girnus of Trend...