761 matches found
CVE-2026-11720
A path traversal vulnerability exists in the HTTP tool URL builder of googleapis/mcp-toolbox. When constructing downstream API requests, the URL builder substitutes user-controlled pathParams into the configured tool path and parses the resulting string as a relative URL. While it checks that the...
CVE-2026-11720
The CVE-2026-11720 entry describes a path traversal flaw in the HTTP tool URL builder of googleapis/mcp-toolbox. User-controlled pathParams are substituted into a configured tool path and then parsed as a relative URL; while scheme/host/user info are checked, final resolution uses ResolveReferenc...
GHSA-5GF6-GC35-XJPC MCP Toolbox for Databases: authenticated authorization bypass
An authenticated authorization bypass vulnerability exists in MCP Toolbox for Databases due to missing scope enforcement across older protocol handlers. While the 2025-11-25 protocol version handler correctly enforces per-tool restrictions defined by scopesRequired, older supported protocol...
GHSA-8FCC-W5HV-4GXV googleapis/mcp-toolbox: authentication bypass vulnerability in the generic opaque token validation path (validateOpaqueToken)
An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint RFC 7662, the toolbox decodes the response into an introspectResp struct where t...
CVE-2026-11718
An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When the toolbox validates an opaque token via an OAuth 2.0 introspection endpoint RFC 7662, it decodes the response into an introspectResp struct. However, the...
CVE-2026-11719
An authenticated authorization bypass vulnerability exists in MCP Toolbox for Databases due to missing scope enforcement across older protocol handlers. While the 2025-11-25 protocol version handler correctly enforces per-tool restrictions defined by scopesRequired, older supported protocol...
CVE-2026-11717
An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint RFC 7662, the toolbox decodes the response into an introspectResp struct where t...
CVE-2026-11719
CVE-2026-11719 describes an authenticated authorization bypass in MCP Toolbox for Databases due to missing scope enforcement on older protocol handlers. The 2025-11-25 protocol version handler enforces per-tool scope restrictions, but older versions (2025-06-18, 2025-03-26, 2024-11-05) omit this ...
EUVD-2026-37881
An authenticated authorization bypass vulnerability exists in MCP Toolbox for Databases due to missing scope enforcement across older protocol handlers. While the 2025-11-25 protocol version handler correctly enforces per-tool restrictions defined by scopesRequired, older supported protocol...
EUVD-2026-37879
An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint RFC 7662, the toolbox decodes the response into an introspectResp struct where t...
CVE-2026-11717
CVE-2026-11717 details an authentication bypass in googleapis/mcp-toolbox, specifically in the validateOpaqueToken path. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint (RFC 7662), the toolbox decodes the response into an introspectResp with Active as a *bool. The ...
PT-2026-50659
Name of the Vulnerable Software and Affected Versions googleapis/mcp-toolbox affected versions not specified Description An authentication bypass exists in the generic opaque token validation path validateOpaqueToken. When verifying an unparsed opaque token via an OAuth 2.0 introspection endpoint...
Malicious code in @tenforce/toolbox-fontmap (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc43bc0434418226ca77115c791ff0ea0031a0d314e73acfe0a62686528ceaad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview @tenforce/toolbox-fontmap is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-5663 Malicious code in @tenforce/toolbox-fontmap (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc43bc0434418226ca77115c791ff0ea0031a0d314e73acfe0a62686528ceaad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-31229
The Adversarial Robustness Toolbox ART thru 1.20.1 contains an insecure deserialization vulnerability CWE-502 in its Kubeflow component's model loading functionality. When loading model weights from a file e.g., model.pt during robustness evaluation, the code uses torch.load without the...
CVE-2026-31230
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component robustnessevaluationfgsmpytorch.py. The script uses the unsafe eval function to parse string values provided via the --clipvalues and --inputshape command-line...
CVE-2026-31228
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...
CVE-2026-9739
Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...
EUVD-2026-32672
Vulnerable to DNS rebinding attacks when using SSE http://b/499408790. During the beta phase, we implemented allowed-origins and allowed-hosts flags to align with MCP security guidelines. However, the hardcoded Access-Control-Allow-Origin: header in the SSE initialization handler was inadvertentl...