EUVD-2025-32451

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available...

EUVD-2025-32452

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. Th...

CVE-2025-11287

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available...

CVE-2025-11287

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available...

CVE-2025-11286

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. Th...

CVE-2025-11286

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. Th...

CVE-2025-11287 samanhappy MCPHub sseService.ts handleSseConnectionfunction improper authentication

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available...

CVE-2025-11287 samanhappy MCPHub sseService.ts handleSseConnectionfunction improper authentication

A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/sseService.ts. Such manipulation leads to improper authentication. The attack may be launched remotely. The exploit is publicly available...

CVE-2025-11286 samanhappy MCPHub MCPRouter Service serverController.ts server-side request forgery

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. Th...

CVE-2025-11286

CVE-2025-11286 affects samanhappy MCPHub up to version 0.9.10. The flaw is in src/controllers/serverController.ts of the MCPRouter Service, where manipulation of the baseUrl argument enables server-side request forgery (SSRF). Exploitation can be remote; the exploit has been publicly disclosed. T...

EUVD-2025-32449

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

CVE-2025-11285

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

CVE-2025-11285 samanhappy MCPHub serverController.ts os command injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

CVE-2025-11285

SAMANHAPPY MCPHub up to 0.9.10 contains a command injection in src/controllers/serverController.ts caused by improper handling of the command/args input. An attacker can remotely trigger arbitrary OS commands; the exploit has been publicly released. No fixed version is available for remediation; ...

CVE-2025-11285 samanhappy MCPHub serverController.ts os command injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

PT-2025-40799

Name of the Vulnerable Software and Affected Versions samanhappy MCPHub versions up to 0.9.10 Description A server-side request forgery condition exists due to manipulation of the baseUrl argument within the file src/controllers/serverController.ts of the MCPRouter Service component. This issue c...

PT-2025-40796

Name of the Vulnerable Software and Affected Versions samanhappy MCPHub versions up to 0.9.10 Description A flaw exists in samanhappy MCPHub that allows for remote operating system command injection. The issue is related to the manipulation of the command/args argument within the file...

PT-2025-40800

Name of the Vulnerable Software and Affected Versions samanhappy MCPHub versions up to 0.9.10 Description A flaw exists due to improper authentication within the handleSseConnectionfunction function located in the src/services/sseService.ts file. This issue allows for remote attacks, and a public...