Lucene search
K

10 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-331 excel-mcp-server has a Path Traversal issue

Summary A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or Streamable-HTTP transport mode the documented way to use this server remotely, an unauthenticated attacker on the network can read, write, and overwrite arbitrary files on...

9.4CVSS6AI score0.00391EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/26 9:8 p.m.42 views

CVE-2026-44895 GitLab MCP Server: SSE transport has no authentication and wildcard CORS, exposing all GitLab tools

GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: on every response. The structural defect is that the SSE server stands up a stateful,...

9.2CVSS0.00392EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 9:8 p.m.11 views

CVE-2026-44895 GitLab MCP Server: SSE transport has no authentication and wildcard CORS, exposing all GitLab tools

GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: on every response. The structural defect is that the SSE server stands up a stateful,...

9.2CVSS5.8AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2026/05/09 12:10 a.m.10 views

GHSA-8JR5-6GVJ-RFPF @yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools

SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a...

8.8CVSS6AI score0.00392EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/09 12:10 a.m.13 views

@yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools

SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a...

9.2CVSS6AI score0.00392EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.15 views

PT-2026-39306

Name of the Vulnerable Software and Affected Versions GitLab MCP Server versions prior to 0.6.0 Description The HTTP transport in src/transport.ts lacks an authentication layer and implements a wildcard Access-Control-Allow-Origin: header on all responses. This allows any cross-origin browser...

9.2CVSS5.8AI score0.00392EPSS
Exploits0References12
Snyk
Snyk
added 2026/03/10 6:48 p.m.9 views

Server-side Request Forgery (SSRF)

Overview mcp-atlassian is a The Model Context Protocol MCP Atlassian integration is an open-source implementation that bridges Atlassian products Jira and Confluence with AI language models following Anthropic's MCP specification. This project enables secure, contextual AI interactions with...

8.2CVSS5.9AI score0.14958EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/03/04 1:40 a.m.500 views

metasploit-mcp

metasploit-mcp Metasploit Framework MCP server for exploit ex...

6.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/09/29 4:28 p.m.4 views

vet MCP Server SSE Transport DNS Rebinding Vulnerability

SafeDep vet is vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. To exploit this vulnerability following conditions must be met: 1. A vet scan is executed and reports are saved as sqlite3 database 2. A vet MCP server is running on default port with SSE...

2.1CVSS6.7AI score0.0038EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/20 12:0 a.m.16 views

MCP Server SSE DNS Rebinding

ModelContextProtocol MCP servers using SSE Server-Sent Events transport mode are prone to DNS rebinding attacks when they do not enforce strict verification of both the 'Origin' and 'Host' headers. This vulnerability allows an attacker to bypass same-origin policies, potentially leading to...

7.1AI score
Exploits0References1
Rows per page
Query Builder