403 matches found
EUVD-2026-41530
A vulnerability exists in the Kong Konnect Model Context Protocol MCP server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests...
CVE-2026-13341
A vulnerability exists in the Kong Konnect Model Context Protocol MCP server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests...
PT-2026-55525
Name of the Vulnerable Software and Affected Versions Kong Konnect MCP server versions prior to 1.0.0 Description An issue exists where the server fails to properly validate content returned to the Large Language Model LLM. This allows a remote attacker to perform an indirect prompt injection by...
PYSEC-2026-472 PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection
Summary PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a path or filename string from MCP tools/call arguments and joi...
EUVD-2026-37951
mcp-pinot: Unauthenticated tool invocation via default oauthenabled=False + host 0.0.0.0 bind...
GO-2026-5771 DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost in github.com/modelcontextprotocol/go-sdk
DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost in github.com/modelcontextprotocol/go-sdk...
PT-2026-50795
Name of the Vulnerable Software and Affected Versions mcp-pinot versions prior to 3.1.0 Description mcp-pinot is a Python-based Model Context Protocol MCP server for interacting with Apache Pinot. The software defaults to running an HTTP MCP server bound to 0.0.0.0:8080 without authentication. Th...
CVE-2026-11624
The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...
CVE-2026-11624
The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...
CVE-2026-11624
The CVE-2026-11624 entry concerns the Model Context Protocol server where origin validation of the Origin header affects DNS rebinding risk. Before v0.25.0 there was no host validation; v0.25.0 introduces --allowed-hosts and --allowed-origins flags to specify permitted hosts at startup. Both flag...
PT-2026-49089
Name of the Vulnerable Software and Affected Versions Model Context Protocol versions prior to 0.25.0 Description Servers fail to validate the "Origin" header on incoming connections, which may allow DNS rebinding attacks. DNS rebinding is a method of bypassing the Same-Origin Policy to interact...
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence AI coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error report crafted usi...
Insufficiently Protected Credentials
Overview meta-ads-mcp is a Model Context Protocol MCP server for Meta Ads - Use Remote MCP at pipeboard.co for easiest setup Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the AuthInjectionMiddleware.dispatch process. An attacker can gain unauthorized...
MAL-2026-5479 Malicious code in mcp-server-github (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156761c4bd0e22759f082d7c030c241be12301dced1e58943c17aaacf9fe0958 Package squats the unscoped name mcp-server-github to intercept installs intended for the official @modelcontextprotocol/server-github. package.json...
Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to Insecure Default Initialization of Resource CVE-2025-66414
Summary MCP TypeScript SDK is used by the IBM Datapower Operations Dashboard to implement the Model Context Protocol MCP using Node.js Vulnerability Details CVEID:CVE-2025-66414 DESCRIPTION: MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. Prior to...
mcp-tool-poisoning-poc
mcp-tool-poisoning — Educational PoC Demonstrates the Too...
Exploit for Missing Authentication for Critical Function in Mcpjam Inspector
CVE-2026-23744-MCPJAM-RCE-exploit This Python proof-of-concept...
ROOT-APP-NPM-CVE-2025-66414 CVE-2025-66414 in @rootio/modelcontextprotocol__sdk - Patched by Root
Root has patched CVE-2025-66414 in the @rootio/modelcontextprotocolsdk package for Root:npm. Multiple fixed versions available...
Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...
ROOT-APP-NPM-CVE-2025-49596 CVE-2025-49596 in @rootio/modelcontextprotocol__inspector - Patched by Root
Root has patched CVE-2025-49596 in the @rootio/modelcontextprotocolinspector package for Root:npm. Multiple fixed versions available...