PT-2026-29672

Name of the Vulnerable Software and Affected Versions Go MCP SDK versions prior to 1.4.0 Description The Go MCP SDK, utilizing Go's standard encoding/json, did not enable DNS rebinding protection by default for HTTP-based servers prior to version 1.4.0. When an HTTP-based MCP server was run on...

EUVD-2026-8770

mcp-server-git : Path traversal in gitadd allows staging files outside repository boundaries...

aiptx-cyber-mcp

Cyber MCPs - Security Tools for AI !MCP Securityhttps://...

Model Context Protocol Servers 路径遍历漏洞

Model Context Protocol Servers is a large model context protocol server from Model Context Protocol open source. A path traversal vulnerability exists in versions of Model Context Protocol Servers prior to 2025.9.25, which stems from the gitinit utility accepting an arbitrary filesystem path and...

PT-2025-27616

Name of the Vulnerable Software and Affected Versions Model Context Protocol Servers Filesystem versions prior to 0.6.4 or 2025.7.01 Model Context Protocol Servers Filesystem versions prior to 0.6.3 or 2025.7.1 Description Model Context Protocol Servers is a collection of reference implementation...