
Cvelist
added 2026/03/27 9:32 p.m., 24 views

CVE-2026-33980 Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries

Azure Data Explorer MCP Server is a Model Context Protocol (MCP) server that enables AI assistants to execute KQL queries and explore Azure Data Explorer (ADX/Kusto) databases through standardized interfaces. Versions up to and including 0.1.1 contain KQL (Kusto Query Language) injection vulnerabilitie...

CVSS 8.3, EPSS 0.00396
Exploits: 3, References: 2
ATTACKERKB
added 2026/03/27 9:20 p.m., 1 view

CVE-2026-33946

MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamable_http_transport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...

CVSS 8.2, AI score 5.9, EPSS 0.00465
Exploits: 1, References: 9, Affected Software: 1
EUVD
added 2026/03/27 9:20 p.m., 4 views

EUVD-2026-16866

MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamable_http_transport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...

CVSS 8.2, AI score 5.9, EPSS 0.00465
Exploits: 1, References: 8
CVE
added 2026/03/27 9:20 p.m., 37 views

CVE-2026-33946

The CVE affects the MCP Ruby SDK prior to 0.9.2. In streamable_http_transport.rb, an attacker with a valid session ID can hijack the victim’s SSE stream and intercept real-time data, due to insufficient session binding. Version 0.9.2 patches this. No additional exploit details are provided beyond...

CVSS 8.2, AI score 5.9, EPSS 0.00465
Exploits: 1, References: 8, Affected Software: 1
Vulnrichment
added 2026/03/27 7:29 p.m., 3 views

CVE-2026-31951 LibreChat's MCP Server Header Injection Enables OAuth Token Theft

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 1
ATTACKERKB
added 2026/03/27 7:29 p.m., 4 views

CVE-2026-31951

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2026/03/27 7:29 p.m., 7 views

CVE-2026-31951

Vulnerability summary: LibreChat's MCP server feature (versions 0.8.2-rc1 to 0.8.3-rc1) allows arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can host a malicious MCP server with headers like {{LIBRECHAT_OPENID_ACCESS_TOKEN}} to exfiltrate victims' OAuth tok...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 1, Affected Software: 1
EUVD
added 2026/03/27 7:29 p.m., 4 views

EUVD-2026-16769

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 1
Cvelist
added 2026/03/27 7:29 p.m., 21 views

CVE-2026-31951 LibreChat's MCP Server Header Injection Enables OAuth Token Theft

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

CVSS 6.8, EPSS 0.00244
Exploits: 1, References: 1
OSV
added 2026/03/27 7:29 p.m., 7 views

CVE-2026-31951 LibreChat's MCP Server Header Injection Enables OAuth Token Theft

LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc1 through 0.8.3-rc1, user-created MCP (Model Context Protocol) servers can include arbitrary HTTP headers that undergo credential placeholder substitution. An attacker can create a malicious MCP server with headers containin...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 3
Positive Technologies
added 2026/03/27 12:00 a.m., 6 views

PT-2026-28432

Name of the Vulnerable Software and Affected Versions: LibreChat versions 0.8.2-rc1 through 0.8.3-rc1
Description: LibreChat, a ChatGPT clone, has an issue where user-created Model Context Protocol (MCP) servers can include arbitrary HTTP headers. These headers are subject to credential placeholder...

CVSS 6.8, AI score 6, EPSS 0.00244
Exploits: 1, References: 3
Positive Technologies
added 2026/03/27 12:00 a.m., 5 views

PT-2026-28582

Name of the Vulnerable Software and Affected Versions: Azure Data Explorer MCP Server versions prior to commit 0abe0ee55279e111281076393e5e966335fffd30; Azure Data Explorer MCP Server versions up to and including 0.1.1
Description: Azure Data Explorer MCP Server, a Model Context Protocol (MCP) server,...

CVSS 8.3, AI score 6.1, EPSS 0.00396
Exploits: 3, References: 12
CNNVD
added 2026/03/27 12:00 a.m., 8 views

MCP Ruby SDK Security Vulnerability

MCP Ruby SDK is an open-source development toolkit for building and interacting with Model Context Protocol clients. Versions of the MCP Ruby SDK prior to 0.9.2 contained security vulnerabilities. These vulnerabilities stemmed from issues with the streamable_http_transport.rb implementation, which...

CVSS 8.2, AI score 5.8, EPSS 0.00465
Exploits: 1, References: 9
Positive Technologies
added 2026/03/27 12:00 a.m., 9 views

PT-2026-28576

Name of the Vulnerable Software and Affected Versions: MCP Ruby SDK versions prior to 0.9.2
Description: The Ruby SDK for Model Context Protocol servers and clients contains a session hijacking issue in its streamable_http_transport.rb implementation. An attacker obtaining a valid session ID can...

CVSS 8.2, AI score 5.9, EPSS 0.00465
Exploits: 1, References: 14
NVD
added 2026/03/23 9:17 p.m., 6 views

CVE-2026-23882

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4...

CVSS 8.6, EPSS 0.00362
Exploits: 0, References: 3
Cvelist
added 2026/03/23 8:52 p.m., 21 views

CVE-2026-23882 Blinko: Admin RCE - MCP Server Command Injection

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4...

CVSS 8.6, EPSS 0.00362
Exploits: 0, References: 3
EUVD
added 2026/03/23 8:52 p.m., 8 views

EUVD-2026-14545

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4...

CVSS 8.6, AI score 5.9, EPSS 0.00362
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/23 8:52 p.m., 8 views

CVE-2026-23882

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4...

CVSS 8.6, AI score 5.9, EPSS 0.00362
Exploits: 0, References: 4, Affected Software: 1
Vulnrichment
added 2026/03/23 8:52 p.m., 3 views

CVE-2026-23882 Blinko: Admin RCE - MCP Server Command Injection

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4...

CVSS 8.6, AI score 5.9, EPSS 0.00362
Exploits: 0, References: 3
OSV
added 2026/03/23 6:14 p.m., 5 views

GO-2026-4773 Cross-Site Tool Execution for HTTP Servers without Authorization in github.com/modelcontextprotocol/go-sdk

Cross-Site Tool Execution for HTTP Servers without Authorization in github.com/modelcontextprotocol/go-sdk...

CVSS 7.1, AI score 5.8, EPSS 0.00178
Exploits: 0, References: 2