5 matches found

RedhatCVE
added 2025/09/30 10:46 p.m., 2 views

CVE-2025-59163

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...

CVSS 2.1 | AI score 6.8 | EPSS 0.00185
Exploits: 0 | References: 1
NVD
added 2025/09/29 10:15 p.m., 3 views

CVE-2025-59163

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...

CVSS 2.1 | EPSS 0.00185
Exploits: 0 | References: 3
OSV
added 2025/09/29 9:51 p.m., 2 views

CVE-2025-59163 vet MCP Server SSE Transport DNS Rebinding Vulnerability

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE...

CVSS 2.1 | AI score 6.5 | EPSS 0.00185
Exploits: 0 | References: 5
CVE
added 2025/09/29 9:51 p.m., 10 views

CVE-2025-59163

CVE-2025-59163 describes a DNS rebinding vulnerability in the vet MCP Server SSE Transport within the open-source vet tool (github.com/safedep/vet). The issue arises from missing validation of HTTP Host and Origin headers, enabling remote attackers to access data from the vet scan sqlite3 databas...

CVSS 2.1 | AI score 6.4 | EPSS 0.00185
Exploits: 0 | References: 3
Positive Technologies
added 2025/09/29 12:0 a.m., 2 views

PT-2025-39909

Name of the Vulnerable Software and Affected Versions: vet versions prior to 1.12.5. Description: The software is susceptible to a DNS rebinding attack because of missing HTTP Host and Origin header validation. When used as an MCP server in SSE mode with default ports, the sqlite3 database containin...

CVSS 9.9 | AI score 6.4 | EPSS 0.06448
Exploits: 11 | References: 49