Lucene search
K

426 matches found

Github Security Blog
Github Security Blog
added 2026/05/18 1:29 p.m.17 views

Spring AI MCP Security: Unvalidated URL Fetching (SSRF)

Summary The mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted URLs for OAuth-related discovery and metadata without verifying if the targets are malicious or internal to...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References6Affected Software1
GithubExploit
GithubExploit
added 2026/05/18 12:9 a.m.74 views

sec-recon-agent

sec-recon-agent Type-safe security triage built on Pydantic A...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.13 views

PT-2026-41691

Name of the Vulnerable Software and Affected Versions mcp-security versions prior to 0.1.9 Description The mcp-security framework fails to implement mandatory Server-Side Request Forgery SSRF mitigations—a flaw where an attacker can induce the server to make requests to an unintended location—as...

7.2CVSS5.8AI score0.00198EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2026/05/17 12:0 a.m.28 views

ADR: An Agentic Detection System for Enterprise Agentic AI Security

We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/15 6:8 a.m.11 views

CVE-2026-42559

A flaw was found in rmcp, the official Rust SDK for the Model Context Protocol. The Streamable HTTP server transport in rmcp failed to validate the incoming Host header, enabling a malicious public website to exploit this through a DNS rebinding attack. This allows the attacker to send...

8.8CVSS5.6AI score0.00213EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/14 6:24 p.m.9 views

Insertion of Sensitive Information into Log File

Overview dbt-mcp is an A MCP Model Context Protocol server for interacting with dbt resources. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the calltool process when file logging is enabled via the DBTMCPSERVERFILELOGGING setting. An...

2.5CVSS5.9AI score0.00012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:24 p.m.10 views

CVE-2026-42559

RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...

8.8CVSS5.8AI score0.00213EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/14 2:24 p.m.41 views

CVE-2026-42559 RMCP: DNS rebinding vulnerability in rmcp Streamable HTTP server transport

RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...

8.8CVSS0.00213EPSS
Exploits0References5
CVE
CVE
added 2026/05/14 2:24 p.m.21 views

CVE-2026-42559

The RMCP Streamable HTTP server transport in the rmcp crate failed to validate the Host header prior to version 1.4.0, enabling a DNS rebinding attack that could cause authenticated requests to reach a victim’s local MCP server. Impact could include enumeration, reading state, and triggering side...

8.8CVSS5.8AI score0.00213EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/14 2:24 p.m.7 views

EUVD-2026-30292

RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...

8.8CVSS5.8AI score0.00213EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

MCP Registry 安全漏洞

MCP Registry is an open-source MCP server application store developed by Model Context Protocol. Versions of MCP Registry prior to 1.7.9 contained security vulnerabilities. These vulnerabilities stemmed from OCI ownership verification skipping tag matching checks during HTTP 429 requests, which...

3.5CVSS5.8AI score0.00206EPSS
Exploits0References2
Wallarm Lab
Wallarm Lab
added 2026/05/12 4:54 p.m.10 views

Extending Security to MCP Servers: Closing a Critical Gap

The Model Context Protocol MCP is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.84 views

CTFusion: A CTF-Based Benchmark for LLM Agent Evaluation

Recent advances in Large Language Models LLMs have enabled agentic systems for complex, multi-step tasks; cybersecurity is emerging as a prominent application. To evaluate such agents, researchers widely adopt Capture The Flag CTF benchmarks. However, current CTF benchmarks reuse existing...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.10 views

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

9.6CVSS6.3AI score0.00619EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/11 1:58 p.m.10 views

EUVD-2026-28639

PraisonAI MCP tools/call path-traversal = RCE via Python .pth injection...

9.6CVSS5.8AI score0.00619EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/09 12:42 a.m.8 views

Command Injection

Overview @profullstack/mcp-server is an A generic, modular server for implementing the Model Context Protocol MCP Affected versions of this package are vulnerable to Command Injection via the domainlookup process. An attacker can execute arbitrary operating system commands with the privileges of...

9.8CVSS6.1AI score
Exploits0References2
NVD
NVD
added 2026/05/08 2:16 p.m.17 views

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

9.6CVSS0.00619EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/08 1:32 p.m.33 views

CVE-2026-44336 PraisonAI MCP `tools/call` path-traversal and RCE via Python `.pth` injection

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

9.4CVSS0.00619EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.12 views

n8n-MCP 安全漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. It serves as a connection between AI assistants and automated workflow platforms. Versions of n8n-MCP from 2.18.7 to 2.50.2 contained security vulnerabilities. These vulnerabilities were caused b...

9.1CVSS5.8AI score0.00235EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.21 views

PT-2026-39003

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.6.34 Description The Model Context Protocol MCP server in PraisonAI contains a path traversal flaw in its file-handling tools. The server registers four tools by default: 'praisonai.rules.create',...

9.6CVSS6.3AI score0.00619EPSS
Exploits1References11
Rows per page
Query Builder