GHSA-V7C4-33VF-CQQQ MCPHub has an Improper Authorization vulnerability via its handleSseConnection function

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnection of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available and migh...

MCPHub has an Improper Authorization vulnerability via its handleSseConnection function

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnection of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available and migh...

Improper Authentication

Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Improper Authentication via the handleSseConnection function. An attacker can gain unauthorized access and potentially compromise confidentiality, integrity, and availability by...

MCPHub 安全漏洞

MCPHub is an MCP server management tool by samanhappy individual developer. A security vulnerability exists in MCPHub version 0.9.10 and earlier, which stems from improper authentication of the handleSseConnectionfunction function in the sseService.ts file, which could lead to a remote attack...