Lucene search
K

5 matches found

OSV
OSV
added 2026/06/26 9:50 p.m.4 views

GHSA-4HF8-5MJM-RFGQ Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication

Streamable HTTP mode exposes LINE Desktop read/send tools without MCP authentication Summary line-desktop-mcp supports a --http-mode Streamable HTTP transport for use with clients such as n8n. In this mode the server binds to 0.0.0.0 and exposes the MCP /mcp endpoint without an MCP-layer...

8.8CVSS5.8AI score0.00323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24562

Malicious code in bioql PyPI...

7.7CVSS6.6AI score0.02144EPSS
Exploits1References2
NVD
NVD
added 2025/08/13 2:15 p.m.18 views

CVE-2025-54074

Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth...

9.8CVSS0.02144EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/08/13 1:27 p.m.8 views

CVE-2025-54074 Cherry Studio is Vulnerable to OS Command Injection during Connection with a Malicious MCP Server

Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth...

7.7CVSS8.1AI score0.02144EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.11 views

PT-2025-32989 · Unknown · Cherry-Studio

Name of the Vulnerable Software and Affected Versions: Cherry Studio versions 1.2.5 through 1.5.1 Description: Cherry Studio is vulnerable to OS Command Injection when connecting to a malicious MCP server in HTTP Streamable mode. Attackers can establish a malicious MCP server with compatible OAut...

7.7CVSS7.7AI score0.02144EPSS
Exploits1References7
Rows per page
Query Builder