CVE-2026-44429

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the public catalogue UI served at GET / file internal/api/handlers/v0/uiindex.html is vulnerable to stored cross-site scripting via the server.websiteUrl field of any published...

waterserver-takuhai.jp Cross Site Scripting vulnerability OBB-1349840

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

easy-server.us XSS vulnerability

Open Bug Bounty ID: OBB-615137 Description| Value ---|--- Affected Website:| easy-server.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

[Full-disclosure] Remote access to NeuSecure/Netcool backend database via web interface credentials leakage

-= DDSi Security Report =- March 8th, 2006 --------------------------------------------------------------------------------------------------------- Another credentials leak was found in Netcool/NeuSecure Security Information Management platform which leads to remote backend database access with...