6 matches found
CVE-2026-27896 MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity
The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to 1.3.1. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc...
PT-2025-43162
Name of the Vulnerable Software and Affected Versions CMSSuperHeroes Clanora versions prior to 1.3.1 Description The software contains a flaw related to unrestricted file uploads, potentially allowing the use of malicious files. This could allow an attacker to upload files of dangerous types...
PT-2023-13734 · WordPress · Authenticator
Name of the Vulnerable Software and Affected Versions: Authenticator WordPress plugin versions prior to 1.3.1 Description: The issue arises from the plugin's failure to restrict subscribers from updating a site's feed access token. This could potentially deny other users access to certain...
PT-2021-14678 · Jenkins · Jenkins Rest List Parameter Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins REST List Parameter Plugin versions 1.3.0 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the failure to escape a parameter name reference in embedded JavaScript. This vulnerability...
PT-2018-16143 · Npm · Mixin-Deep
Name of the Vulnerable Software and Affected Versions: mixin-deep versions prior to 1.3.1 Description: The issue allows a malicious user to modify the prototype of Object via proto , causing the addition or modification of an existing property that will exist on all objects. This is achieved...
PT-2005-2898 · Invision · Invision Gallery
Name of the Vulnerable Software and Affected Versions: Invision Gallery versions prior to 1.3.1 Description: A cross-site request forgery issue allows remote attackers to perform actions such as deleting albums and images as another user. This can be achieved via a link or IMG tag to specific...