CVE-2026-5607

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

EUVD-2026-19144

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5607

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5607 imprvhub mcp-browser-agent URL Parameter handlers.ts CallToolRequestSchema server-side request forgery

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5607

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5607 imprvhub mcp-browser-agent URL Parameter handlers.ts CallToolRequestSchema server-side request forgery

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5607

CVE-2026-5607 affects imprvhub mcp-browser-agent up to 0.8.0. The vulnerability resides in URL Parameter Handler’s CallToolRequestSchema within src/handlers.ts where manipulating request.params.name/request.params.arguments enables server-side request forgery. Public exploit disclosure and remote...

PT-2026-30515

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

MCP Browser Agent 代码问题漏洞

The MCP Browser Agent is an AI proxy tool for browser automation and web interaction, developed by Iván Luna. Versions of the MCP Browser Agent prior to 0.8.0 have code vulnerabilities that stem from incorrect handling of parameters request.params.name and request.params.arguments, which may lead...

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

A new agentic browser attack targeting Perplexity's Comet browser that's capable of turning a seemingly innocuous email into a destructive action that wipes a user's entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecti...

Building Browser Agents: Architecture, Security, and Practical Solutions

Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current approaches fail and what prevents safe autonomous operatio...

DESKTOP-NQLQSKD

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

jpvdYKiLAUi4eai

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

wbNj8EIMfXlmDDE

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

i5KgPODid4AYSjd

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

g6LJ13AJmUiI3LV

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit

No description provided by source. !/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER [email protected] FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which lead to remote root compromise: $filenam...

Veritas Backup Exec Agent 8.x9.x - Browser Overflow

Veritas Backup Exec Agent 8.x9.x - Browser Overflow / Got to give it to class101 on this one. Tested and penetrated. / str0ke / / VERITAS Backup Exec v9.1.4691.SP1 v9.1.4691.SP0 v8.5.3572 Agent Browser Service, Remote Stack Overflow Highly Critical All credits to:...