frontmcp 代码问题漏洞

FrontMCP is an open-source MCP server development framework based on TypeScript, created by AgentFront. Versions of FrontMCP prior to 2.3.0 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on URL reference resolution, which could lead to server-side...

CVE-2026-27727

CVE-2026-27727 is confirmed in multiple IBM advisories as affecting the mchange-commons-java library used by IBM Maximo Monitor Component and related IBM products. The vulnerability stems from JNDI dereferencing code in mchange-commons-java, which can allow an attacker to cause download and execu...

PT-2025-37197

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to the BTRFS filesystem. Specifically, the issue involves the potential for transaction aborts during balancing operations when encountering...

CVE-2025-29313

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

The vulnerability of the containers-common library in the Golang programming language arises from improper resolution of references before accessing files. This allows attackers to gain access to confidential information.

The vulnerability of the containers-common library in the Golang programming language is related to improper resolution of references before accessing files. Exploiting this vulnerability can allow an attacker to gain access to confidential information by using symbolic references, by mounting...

GHSA-CXW4-9QV9-VX5H High severity vulnerability that affects PeterO.Cbor

Impact The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...