6 matches found
CVE-2026-6494
A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the toolsetroute parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control...
CVE-2026-6494
CVE-2026-6494 describes a log-injection vulnerability in the AAP MCP server. An unauthenticated remote attacker can send specially crafted input to the toolsetroute parameter, which is written to logs without proper sanitization. This allows insertion of control characters (e.g., newlines and ANS...
CVE-2026-6494 Aap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input
A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the toolsetroute parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control...
CVE-2026-6494
A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the toolsetroute parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control...
Red Hat Ansible Automation Platform(Red Hat AAP) 安全漏洞
The Red Hat Ansible Automation Platform Red Hat AAP is a unified solution for strategic automation provided by Red Hat, Inc. There is a security vulnerability in the Red Hat Ansible Automation Platform Red Hat AAP, which stems from improper input cleaning of the toolsetroute parameter. This...
PT-2026-33431
A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the toolsetroute parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control...