PT-2026-29672

Name of the Vulnerable Software and Affected Versions Go MCP SDK versions prior to 1.4.0 Description The Go MCP SDK, utilizing Go's standard encoding/json, did not enable DNS rebinding protection by default for HTTP-based servers prior to version 1.4.0. When an HTTP-based MCP server was run on...

EUVD-2026-8770

mcp-server-git : Path traversal in gitadd allows staging files outside repository boundaries...

aiptx-cyber-mcp

Cyber MCPs - Security Tools for AI !MCP Securityhttps://...

Model Context Protocol Servers 路径遍历漏洞

Model Context Protocol Servers is a large model context protocol server from Model Context Protocol open source. A path traversal vulnerability exists in versions of Model Context Protocol Servers prior to 2025.9.25, which stems from the gitinit utility accepting an arbitrary filesystem path and...

PT-2025-27616

Name of the Vulnerable Software and Affected Versions: Model Context Protocol Servers Filesystem versions prior to 0.6.4 or 2025.7.01 Model Context Protocol Servers Filesystem versions prior to 0.6.3 or 2025.7.1 Description: Model Context Protocol Servers is a collection of reference...