65 matches found

EUVD
added 2026/06/26 9:50 p.m. | 10 views

EUVD-2026-38016

Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication...

CVSS 8.8 | AI score 5.8 | EPSS 0.00323
Exploits 0 | References 3

Github Security Blog
added 2026/06/16 11:32 p.m. | 13 views

n8n: MCP Browser HTTP Transport Exposes Unauthenticated Browser-Control Sessions

Impact: When @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocation requests without any authentication. Any network-reachable client, or any website visited by the user, can establish an MCP session and invoke browser-control tools. Whe...

CVSS 10 | AI score 5.4 | EPSS 0.00403
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2026/06/12 6:44 p.m. | 7 views

CVE-2026-50287 Missing Authentication for Critical Function in @agenticmail/mcp

AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can...

CVSS 8.7 | AI score 5.3 | EPSS 0.00359
Exploits 0 | References 1

CVE
added 2026/06/12 6:44 p.m. | 33 views

CVE-2026-50287

AgenticMail MCP HTTP mode (via --http or MCP_HTTP=1) exposed the /mcp endpoint without HTTP authentication, enabling an unauthenticated remote client to initialize a session and call master-key tools. Affected component: @agenticmail/mcp; impact includes potential exposure of administrative/gatew...

CVSS 8.7 | AI score 5.3 | EPSS 0.00359
Exploits 0 | References 1

Cvelist
added 2026/06/12 6:44 p.m. | 35 views

CVE-2026-50287 Missing Authentication for Critical Function in @agenticmail/mcp

AgenticMail gives AI agents real email addresses and phone numbers. Prior to version 0.9.27, @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can...

CVSS 8.7 | EPSS 0.00359
Exploits 0 | References 1

Positive Technologies
added 2026/06/12 12:0 a.m. | 11 views

PT-2026-48888

Name of the Vulnerable Software and Affected Versions: AMD optional tools (affected versions not specified). Description: The use of insecure HTTP transport within the auto-updater allows for a man-in-the-middle attack, which is a technique where an attacker intercepts communication between two partie...

CVSS 7.7 | AI score 5.6 | EPSS 0.00435
Exploits 0 | References 7

RedHat Linux
added 2026/06/10 3:39 p.m. | 6 views

axios: Axios: HTTP Transport Hijacking via Prototype Pollution

A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HT...

CVSS 7.4 | AI score 7.5 | EPSS 0.00838
Exploits 1 | References 5

Tenable Nessus
added 2026/05/29 12:0 a.m. | 19 views

SUSE SLED15 / SLES15 Security Update : go1.25-openssl (SUSE-SU-2026:2079-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2079-1 advisory. This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when...

CVSS 7.5 | AI score 6 | EPSS 0.00813
Exploits 0 | References 36

AstraLinux
added 2026/05/20 5:53 a.m. | 8 views

Astra Linux – Vulnerability in Chromium

Before version 95.0.4638.69, using Web Transport in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...

CVSS 9.6 | AI score 8.6 | EPSS 0.00942
Exploits 0 | References 2

EUVD
added 2026/05/12 12:32 p.m. | 10 views

EUVD-2026-29437

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

CVSS 8.7 | AI score 6.6 | EPSS 0.00291
Exploits 0 | References 2

Cvelist
added 2026/05/12 9:1 a.m. | 71 views

CVE-2026-5029 RCE in Code Runner MCP Server

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

CVSS 8.7 | EPSS 0.00291
Exploits 0 | References 1

Vulnrichment
added 2026/05/08 1:43 p.m. | 10 views

CVE-2026-41506 go-git Credential leak via cross-host redirect in smart HTTP transport

go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0 and 6.0.0-alpha....

CVSS 4.7 | AI score 5.7 | EPSS 0.00259
Exploits 0 | References 3

OSV
added 2026/05/05 9:57 p.m. | 7 views

GHSA-W2JH-77FQ-7GP8 OpAMP client reads unbounded HTTP response bodies

Summary: When receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This could cause memory exhaustion in the consuming application if the configured OpAMP server i...

CVSS 5.9 | AI score 6 | EPSS 0.00311
Exploits 0 | References 5

EUVD
added 2026/05/05 12:25 a.m. | 6 views

EUVD-2026-25589

Axios: Header Injection via Prototype Pollution...

CVSS 7.4 | AI score 5.8 | EPSS 0.00394
Exploits 1 | References 2

Snyk
added 2026/04/25 11:35 p.m. | 4 views

Insertion of Sensitive Information into Log File

Overview: n8n-mcp is an integration between n8n workflow automation and Model Context Protocol (MCP). Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the request dispatcher and related logging. An attacker can obtain sensitive information, such...

CVSS 6 | AI score 5.5 | EPSS 0.0025
Exploits 0 | References 2

Positive Technologies
added 2026/04/25 12:0 a.m. | 8 views

PT-2026-37190

Name of the Vulnerable Software and Affected Versions: n8n-mcp versions prior to 2.47.13. Description: When running in HTTP transport mode, authenticated tools/call requests have their full arguments and JSON-RPC parameters written to server logs by the request dispatcher and related code paths befo...

CVSS 4.3 | AI score 5.9 | EPSS 0.0025
Exploits 0 | References 12

EUVD
added 2026/04/24 10:15 a.m. | 7 views

EUVD-2026-25410

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...

CVSS 8.8 | AI score 6.5 | EPSS 0.96666
Exploits 13 | References 1

Snyk
added 2026/04/23 2:31 p.m. | 4 views

Insertion of Sensitive Information into Log File

Overview: n8n-mcp is an integration between n8n workflow automation and Model Context Protocol (MCP). Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the POST /mcp endpoint. An attacker can cause sensitive information such as bearer tokens, API...

CVSS 6 | AI score 5.4 | EPSS 0.00255
Exploits 0 | References 2

OSV
added 2026/04/17 10:31 p.m. | 2 views

GHSA-3XC5-WRHM-F963 go-git: Credential leak via cross-host redirect in smart HTTP transport

Impact: go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. If a remote repository responds to the initial /info/refs request with a redirect to a different host, go-git updates the session endpoint to the redirected location and...

CVSS 4.7 | AI score 5.8 | EPSS 0.00259
Exploits 0 | References 5

NVD
added 2026/04/16 10:16 p.m. | 6 views

CVE-2026-39313

mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequestBody function in the HTTP transport concatenates request body chunks into a string with no size limit. Although a maxMessageSize configuration value exists, it is never...

CVSS 8.7 | EPSS 0.00495
Exploits 0 | References 2