Lucene search
K

9 matches found

Snyk
Snyk
added 6 days ago6 views

Authentication Bypass Using an Alternate Path or Channel

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the OAuth2 passthrough fallback in MCPRequestHandler.processmcprequest in...

8.8CVSS6.1AI score0.00286EPSS
Exploits0References2
NVD
NVD
added 2026/06/02 11:16 p.m.14 views

CVE-2026-32625

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol MCP server integration resolves $VAR placeholders against the server's process.env during Zod schema validation of user-supplied MCP server URLs. Any...

9.6CVSS0.0294EPSS
Exploits1References1
CVE
CVE
added 2026/04/02 6:15 a.m.20 views

CVE-2026-5323

The CVE-2026-5323 entry affects priyankark a11y-mcp (up to 1.0.5), specifically the A11yServer function in src/index.js, causing a server-side request forgery. Exploitation requires a local position. An exploit has been made public. Upgrade to version 1.0.6 to resolve, with patch id e3e11c9e8482b...

5.3CVSS5.6AI score0.0013EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/26 10:20 p.m.6 views

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict in the JSON-RPC and MCP protocol message parsing. An attacker can bypass intermediary inspection or cause cross-implementation inconsistencies by sending protocol messages with non-standard field casing or Unicod...

8.7CVSS6AI score0.00255EPSS
Exploits0References3
CVE
CVE
added 2026/02/26 12:47 a.m.26 views

CVE-2026-27896

The CVE-2026-27896 concerns the Go MCP SDK, affected in versions prior to 1.3.1, where Go’s json.Unmarshal (case-insensitive field matching) could accept non-standard JSON-RPC/MCP field casing. This violates JSON-RPC 2.0’s exact field names and could allow messages to bypass intermediary inspecti...

7.5CVSS5.3AI score0.00255EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/26 12:47 a.m.6 views

CVE-2026-27896

The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing in versions prior to 1.3.1. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc...

7CVSS5.3AI score0.00255EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22069

Name of the Vulnerable Software and Affected Versions Go MCP SDK versions prior to 1.3.1 Description The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags,...

9.9CVSS6.9AI score0.22162EPSS
Exploits70References142
OSV
OSV
added 2025/10/10 7:50 p.m.5 views

CVE-2025-61929 Cherry Studio allows one-click on a specific URL to cause a command to execute

Cherry Studio is a desktop client that supports for multiple LLM providers. Cherry Studio registers a custom protocol called cherrystudio://. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files...

9.6CVSS7AI score0.00439EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/10 7:50 p.m.6 views

EUVD-2025-33778

Cherry Studio is a desktop client that supports for multiple LLM providers. Cherry Studio registers a custom protocol called cherrystudio://. When handling the MCP installation URL, it parses the base64-encoded configuration data and directly executes the command within it. In the files...

9.6CVSS6.5AI score0.00439EPSS
Exploits1References1
Rows per page
Query Builder