Lucene search
+L

5 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.8 views

Malicious code in @mastra/mcp-registry-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45ba997a42d41e72f38a36e0a6122b28388f73eb479dc41f7c1b77b6a75f91c8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 3:11 a.m.7 views

MAL-2026-5955 Malicious code in @mastra/mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fbae003cd01bc2b7f477773c49bbd2254e8ec61118b865fb98abcc832a3f9af The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
Veracode
Veracode
added 2025/11/06 5:59 p.m.7 views

Directory Traversal

@mastra/mcp-docs-server is vulnerable to Directory Traversal. The vulnerability is due to improper validation of file path inputs in the directory suggestion logic, which allows an attacker to bypass path traversal checks and list the contents of arbitrary directories on the user’s filesystem...

6.5CVSS7.1AI score0.00541EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2025/09/24 8:5 p.m.4 views

Exposure of Information Through Directory Listing

Overview @mastra/mcp-docs-server is a MCP server for accessing Mastra.ai documentation, changelogs, and news. Affected versions of this package are vulnerable to Exposure of Information Through Directory Listing via the execute function. An attacker can access sensitive directory listings by...

7.1CVSS6.9AI score0.00541EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/09/24 8:5 p.m.11 views

Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure

The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...

6.5CVSS7.2AI score0.00541EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder