208 matches found
@nestjs/core Improperly Neutralizes Special Elements in Output Used by a Downstream Component ('Injection')
Impact What kind of vulnerability is it? Who is impacted? SseStream.transform interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters \r, \n. Since the SSE protocol treats both \r and \n as field delimiters and \n\n as...
GHSA-36XV-JGW5-4Q75 @nestjs/core Improperly Neutralizes Special Elements in Output Used by a Downstream Component ('Injection')
Impact What kind of vulnerability is it? Who is impacted? SseStream.transform interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters \r, \n. Since the SSE protocol treats both \r and \n as field delimiters and \n\n as...
PT-2026-30760
Name of the Vulnerable Software and Affected Versions Nest versions prior to 11.1.18 Description The SseStream. transform function interpolates message.type and message.id directly into Server-Sent Events text protocol output without sanitizing newline characters r, . Because the SSE protocol use...
PT-2026-29672
Name of the Vulnerable Software and Affected Versions Go MCP SDK versions prior to 1.4.0 Description The Go MCP SDK, utilizing Go's standard encoding/json, did not enable DNS rebinding protection by default for HTTP-based servers prior to version 1.4.0. When an HTTP-based MCP server was run on...
Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring
Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...
Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring
Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22733 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...
Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring
Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22733 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...
GHSA-HV2W-8MJJ-JW22 MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)
Summary Hardcoded Wildcard CORS Access-Control-Allow-Origin: - https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.javaL289 -...
CVE-2026-33946
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...
PT-2026-29161
Name of the Vulnerable Software and Affected Versions MCP Java SDK versions prior to 1.0.1 MCP Java SDK versions prior to 1.1.1 Description The MCP Java SDK contains a hardcoded wildcard Cross-Origin Resource Sharing CORS configuration, specifically setting Access-Control-Allow-Origin to ''. This...
CVE-2026-31950
LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint /api/agents/chat/stream/:streamId does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and...
Session Hijacking
MCP Ruby SDK is vulnerable to Session Hijacking. The vulnerability is due to insufficient session binding, where an attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events SSE stream and intercept all real-time data...
Session Fixation
Overview mcp is a The official Ruby SDK for Model Context Protocol servers and clients Affected versions of this package are vulnerable to Session Fixation through the storestreamforsession process in lib/mcp/server/transports/streamablehttptransport.rb. An attacker can intercept all subsequent...
CVE-2026-33946
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...
CVE-2026-33946
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...
EUVD-2026-16866
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...
CVE-2026-33946 MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay
MCP Ruby SDK is the official Ruby SDK for Model Context Protocol servers and clients. Prior to version 0.9.2, the Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's...
CVE-2026-33946
The CVE affects the MCP Ruby SDK prior to 0.9.2. In streamable_http_transport.rb, an attacker with a valid session ID can hijack the victim’s SSE stream and intercept real-time data, due to insufficient session binding. Version 0.9.2 patches this. No additional exploit details are provided beyond...
CVE-2026-31950 LibreChat's IDOR in SSE Stream Subscription Allows Reading Other Users' Chats
LibreChat is a ChatGPT clone with additional features. In versions 0.8.2-rc2 through 0.8.2-rc3, the SSE streaming endpoint /api/agents/chat/stream/:streamId does not verify that the requesting user owns the stream. Any authenticated user who obtains or guesses a valid stream ID can subscribe and...
MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay
Summary The Ruby SDK's streamablehttptransport.rb implementation contains a session hijacking vulnerability. An attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events SSE stream and intercept all real-time data. Details Root Cause The StreamableHTTPTransport...