Lucene search
+L

24 matches found

osv
osv
added 2026/06/26 9:5 p.m.2 views

GHSA-73CV-556C-W3G6 mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind

Resolution Fixed in v3.1.0, released 2026-05-25. The fix was merged in PR 95 at commit 1c7d3f9. The fix changes the default HTTP bind host to 127.0.0.1, refuses non-loopback HTTP/HTTPS exposure unless OAuth is enabled, makes Helm exposure opt-in and OAuth-gated, and adds parser-backed...

10CVSS6.1AI score0.00498EPSS
Exploits0References6
euvd
euvd
added 2026/06/26 10:41 a.m.6 views

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2
osv
osv
added 2026/06/24 7:14 a.m.2 views

CVE-2026-52917 sctp: diag: reject stale associations in dump_one path

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References11
cvelist
cvelist
added 2026/06/19 1:11 p.m.31 views

CVE-2026-49357 Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication

Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. line-desktop-mcp supports a --http-mode Streamable HTTP transport for use with clients such as n8n. In this mode t...

8.8CVSS0.00323EPSS
Exploits0References2
osv
osv
added 2026/06/18 9:1 p.m.4 views

CVE-2026-49257 mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind

mcp-pinot is a Python-based Model Context Protocol MCP server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 with no authentication enabled. All MCP tools, including SQL query execution, schema creation, and...

10CVSS5.9AI score0.00498EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42856

Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind address is 0.0.0.0. ...

8.7CVSS5.5AI score0.00471EPSS
Exploits0References1
github
github
added 2026/05/29 6:22 p.m.19 views

Ironic Standalone Operator's prometheus metrics exporter bound to all interfaces

Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...

5.8AI score
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.16 views

PT-2026-45061

Name of the Vulnerable Software and Affected Versions PraisonAI Platform affected versions not specified Description The server contains multiple authorization flaws. First, a cross-tenant Insecure Direct Object Reference IDOR exists because the require workspace member dependency only validates...

9.4CVSS5.8AI score0.00043EPSS
Exploits0References7
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.17 views

dalfox 访问控制错误漏洞

Dalfox is an automated cross-site scripting scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained a access control vulnerability. This vulnerability stemmed from the default binding of the REST API server to 0.0.0.0:6664, without the need for an API key. Additionally, th...

10CVSS5.9AI score0.01051EPSS
Exploits2References2
nvd
nvd
added 2026/05/11 6:16 p.m.48 views

CVE-2026-42856

Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind address is 0.0.0.0. ...

8.7CVSS0.00471EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/11 5:42 p.m.7 views

CVE-2026-42856

Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind address is 0.0.0.0. ...

8.7CVSS5.8AI score0.00471EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/05/11 5:42 p.m.15 views

CVE-2026-42856 Network-AI: Missing authentication on MCP HTTP endpoint allows unauthenticated privileged tool calls

Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind address is 0.0.0.0. ...

8.7CVSS5.8AI score0.00471EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/11 5:42 p.m.68 views

CVE-2026-42856 Network-AI: Missing authentication on MCP HTTP endpoint allows unauthenticated privileged tool calls

Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind address is 0.0.0.0. ...

8.7CVSS0.00471EPSS
Exploits0References1
github
github
added 2026/05/05 5:25 p.m.16 views

Network-AI missing authentication on MCP HTTP endpoint, which allows unauthenticated privileged tool calls

Security Advisory: Missing Authentication for Critical Function in Jovancoding/Network-AI | Field | Value | |---|---| | Project | Jovancoding/Network-AI | | Repository | https://github.com/Jovancoding/Network-AI | | Affected commit | c344f2053eb0d49395988f803bf92f2a86b2a0d0 | | Affected tested...

8.7CVSS6AI score0.00471EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/05 5:25 p.m.56 views

GHSA-FJ4G-2P96-Q6M3 Network-AI missing authentication on MCP HTTP endpoint, which allows unauthenticated privileged tool calls

Security Advisory: Missing Authentication for Critical Function in Jovancoding/Network-AI | Field | Value | |---|---| | Project | Jovancoding/Network-AI | | Repository | https://github.com/Jovancoding/Network-AI | | Affected commit | c344f2053eb0d49395988f803bf92f2a86b2a0d0 | | Affected tested...

8.7CVSS6AI score0.00471EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/05 12:0 a.m.25 views

PT-2026-37283

Name of the Vulnerable Software and Affected Versions Network-AI versions prior to 5.1.3 Description The MCP HTTP transport accepts JSON-RPC tools/call requests without requiring authentication, sessions, origins, or token checks, dispatching them directly to the orchestrator's tool registry...

8.7CVSS5.8AI score0.00471EPSS
Exploits0References8
osv
osv
added 2025/12/02 12:35 a.m.3 views

GHSA-J4VQ-Q93M-4683 Keycloak has debug default bind address

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

6.8CVSS6.4AI score0.00399EPSS
Exploits0References7
redhat
redhat
added 2025/11/13 5:51 p.m.12 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.4.4 Security Update

New Red Hat build of Keycloak 26.4.4 packages are available from the Customer Portal Red Hat build of Keycloak 26.4.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. Security fixes...

6.8CVSS5.8AI score0.00399EPSS
Exploits0References1
nvd
nvd
added 2025/09/16 1:15 p.m.11 views

CVE-2025-39812

In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly initialized, leading to undefined behavior. Clear sin6scopeid and sin6flowinfo. BUG: KMSAN: uninit-value in sctpv6cmpaddr+0x887/0x8c0...

5.5CVSS0.0016EPSS
Exploits0References11
nvd
nvd
added 2024/08/22 2:15 a.m.41 views

CVE-2022-48925

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.srcaddr outside state checks If the state is not idle then resolvepreparesrc should immediately fail and no change to global state should happen. However, it unconditionally overwrites the srcad...

7.8CVSS0.00222EPSS
Exploits0References4
Rows per page
Query Builder