CVE-2026-57300

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

CVE-2026-57300

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

CVE-2026-9073

Foreman-mcp-server (MCP server) contains a log-related vulnerability that can leak sensitive credentials via log files. Two separate logging paths are involved: (1) session identifiers are logged at informational level and treated as authentication credentials, and (2) debug logging partially san...

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

CVE-2026-56274

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

EUVD-2026-38434

Flowise before 3.1.2 contains multiple OS command injection vulnerabilities in the Custom MCP Server feature due to incomplete command-flag validation and a regex bypass in local file access restrictions. An attacker with a Flowise account of any role, or API access with view/update permissions f...

CVE-2026-12774

A flaw was found in BerriAI litellm. A remote attacker could exploit a Server-Side Request Forgery SSRF vulnerability in the MCP Server Connection Testing component. This flaw, specifically within the executewithmcpclient function, allows an attacker to trick the server into making unauthorized...

PT-2026-51588

Name of the Vulnerable Software and Affected Versions foreman-mcp-server affected versions not specified Red Hat Satellite affected versions not specified Description A session management issue in the MCP Server allows unauthenticated attackers to hijack active administrative sessions. This occur...

CVE-2026-12798 BerriAI litellm MCP OpenAPI Spec Loader openapi_to_mcp_generator.py load_openapi_spec_async server-side request forgery

A weakness has been identified in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function loadopenapispecasync of the file litellm/proxy/experimental/mcpserver/openapitomcpgenerator.py of the component MCP OpenAPI Spec Loader. This manipulation of the argument specpath causes...

CVE-2026-12798

CVE-2026-12798 affects BerriAI litellm up to 1.82.2, specifically the MCP OpenAPI Spec Loader’s load_openapi_spec_async function. The root cause is manipulation of the spec_path argument allowing server-side request forgery, which can be triggered remotely. The description notes that the exploit ...

CVE-2026-12774

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

EUVD-2026-38140

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

CVE-2026-12774 BerriAI litellm MCP Server Connection Testing rest_endpoints.py _execute_with_mcp_client server-side request forgery

A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this vulnerability is the function executewithmcpclient of the file litellm/proxy/experimental/mcpserver/restendpoints.py of the component MCP Server Connection Testing. The manipulation leads to server-side...

Malicious code in sp-api-dev-assistant-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41506fcb0f329d1b260c8aea68fe27eb7b648576521da211f366dc49459bc388 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-47250

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectlgeneric tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes...