{
  "generated_at": "2026-05-02T16:48:35.950026+00:00",
  "ecosystems": [
    "npm",
    "pypi"
  ],
  "summary": {
    "packages_audited": 400,
    "packages_with_vulns": 301,
    "total_cves": 3759,
    "critical": 306,
    "high": 1356,
    "medium": 965,
    "low": 201
  },
  "tactic_exposure": {
    "Code Execution": 289,
    "Output Weaponization": 86,
    "Tool Poisoning": 43,
    "Infrastructure & Runtime": 293,
    "Privilege Escalation": 89,
    "Credential Scope": 104,
    "Prompt Injection": 122,
    "Supply Chain": 5,
    "RAG & Memory Poisoning": 67,
    "Anti-Forensics": 2
  },
  "top_vulnerable_deps": [
    {
      "name": "mcp",
      "affected_packages": 137
    },
    {
      "name": "@modelcontextprotocol/sdk",
      "affected_packages": 108
    },
    {
      "name": "httpx",
      "affected_packages": 66
    },
    {
      "name": "pytest",
      "affected_packages": 54
    },
    {
      "name": "pydantic",
      "affected_packages": 50
    },
    {
      "name": "fastmcp",
      "affected_packages": 40
    },
    {
      "name": "python-dotenv",
      "affected_packages": 29
    },
    {
      "name": "requests",
      "affected_packages": 28
    },
    {
      "name": "axios",
      "affected_packages": 26
    },
    {
      "name": "uvicorn",
      "affected_packages": 20
    },
    {
      "name": "black",
      "affected_packages": 16
    },
    {
      "name": "fastapi",
      "affected_packages": 12
    },
    {
      "name": "aiohttp",
      "affected_packages": 10
    },
    {
      "name": "express",
      "affected_packages": 9
    },
    {
      "name": "jinja2",
      "affected_packages": 7
    },
    {
      "name": "pyyaml",
      "affected_packages": 7
    },
    {
      "name": "starlette",
      "affected_packages": 6
    },
    {
      "name": "cryptography",
      "affected_packages": 6
    },
    {
      "name": "loguru",
      "affected_packages": 6
    },
    {
      "name": "pillow",
      "affected_packages": 5
    }
  ],
  "packages": [
    {
      "name": "mcp-server",
      "version": "0.0.9",
      "ecosystem": "npm",
      "description": "mcp server",
      "github_url": "git+https://github.com/sandy-mount/mcp-server.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "@upstash/context7-mcp",
      "version": "2.2.3",
      "ecosystem": "npm",
      "description": "MCP server for Context7",
      "github_url": "git+https://github.com/upstash/context7.git",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-cxrh-j4jr-qwg3",
          "GHSA-g9mf-h72j-4rw9"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-2mjp-6q6p-2qxm",
          "GHSA-4992-7rv2-5pvq",
          "GHSA-9qxr-qj54-h672",
          "GHSA-c76h-2ccp-4975",
          "GHSA-cxrh-j4jr-qwg3",
          "GHSA-f269-vfmq-vjvj",
          "GHSA-g9mf-h72j-4rw9",
          "GHSA-m4v8-wqvr-p9f7",
          "GHSA-v9p9-hfj2-hcw8",
          "GHSA-vrm6-8vpv-qv8q"
        ],
        "Credential Scope": [
          "GHSA-2mjp-6q6p-2qxm"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ],
        "undici": [
          {
            "id": "GHSA-2mjp-6q6p-2qxm",
            "severity": "MEDIUM",
            "summary": "Undici has an HTTP Request/Response Smuggling issue"
          },
          {
            "id": "GHSA-4992-7rv2-5pvq",
            "severity": "MEDIUM",
            "summary": "Undici has CRLF Injection in undici via `upgrade` option"
          },
          {
            "id": "GHSA-9qxr-qj54-h672",
            "severity": "LOW",
            "summary": "Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect"
          },
          {
            "id": "GHSA-c76h-2ccp-4975",
            "severity": "MEDIUM",
            "summary": "Use of Insufficiently Random Values in undici"
          },
          {
            "id": "GHSA-cxrh-j4jr-qwg3",
            "severity": "LOW",
            "summary": "undici Denial of Service attack via bad certificate data"
          },
          {
            "id": "GHSA-f269-vfmq-vjvj",
            "severity": "HIGH",
            "summary": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client"
          },
          {
            "id": "GHSA-g9mf-h72j-4rw9",
            "severity": "MEDIUM",
            "summary": "Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion"
          },
          {
            "id": "GHSA-m4v8-wqvr-p9f7",
            "severity": "LOW",
            "summary": "Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline"
          },
          {
            "id": "GHSA-v9p9-hfj2-hcw8",
            "severity": "HIGH",
            "summary": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation"
          },
          {
            "id": "GHSA-vrm6-8vpv-qv8q",
            "severity": "HIGH",
            "summary": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression"
          }
        ]
      }
    },
    {
      "name": "@notionhq/notion-mcp-server",
      "version": "2.2.1",
      "ecosystem": "npm",
      "description": "Official MCP server for Notion API",
      "github_url": "git+ssh://git@github.com/makenotion/notion-mcp-server.git",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fjxv-7rqg-78g4"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "form-data": [
          {
            "id": "GHSA-fjxv-7rqg-78g4",
            "severity": "CRITICAL",
            "summary": "form-data uses unsafe random function in form-data for choosing boundary"
          }
        ]
      }
    },
    {
      "name": "@apify/actors-mcp-server",
      "version": "0.9.20",
      "ecosystem": "npm",
      "description": "Apify MCP Server",
      "github_url": "git+https://github.com/apify/apify-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-2g4f-4pwh-qvx6"
        ],
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "ajv": [
          {
            "id": "GHSA-2g4f-4pwh-qvx6",
            "severity": "MEDIUM",
            "summary": "ajv has ReDoS when using `$data` option"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ]
      }
    },
    {
      "name": "@sentry/mcp-server",
      "version": "0.33.0",
      "ecosystem": "npm",
      "description": "Sentry MCP Server",
      "github_url": "git+ssh://git@github.com/getsentry/sentry-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@ui5/mcp-server",
      "version": "0.2.11",
      "ecosystem": "npm",
      "description": "MCP server for SAPUI5/OpenUI5 development",
      "github_url": "git+https://github.com/UI5/mcp-server.git",
      "total_cves": 2,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-2g4f-4pwh-qvx6",
          "GHSA-gh4j-gqv2-49f6"
        ],
        "Prompt Injection": [
          "GHSA-gh4j-gqv2-49f6"
        ],
        "Tool Poisoning": [
          "GHSA-gh4j-gqv2-49f6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "ajv": [
          {
            "id": "GHSA-2g4f-4pwh-qvx6",
            "severity": "MEDIUM",
            "summary": "ajv has ReDoS when using `$data` option"
          }
        ],
        "fast-xml-parser": [
          {
            "id": "GHSA-gh4j-gqv2-49f6",
            "severity": "MEDIUM",
            "summary": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters"
          }
        ]
      }
    },
    {
      "name": "@mapbox/mcp-server",
      "version": "0.11.0",
      "ecosystem": "npm",
      "description": "Mapbox MCP server.",
      "github_url": "git+https://github.com/mapbox/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@railway/mcp-server",
      "version": "0.1.8",
      "ecosystem": "npm",
      "description": "Official Railway MCP server",
      "github_url": "git+https://github.com/railwayapp/railway-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@hubspot/mcp-server",
      "version": "0.4.0",
      "ecosystem": "npm",
      "description": "MCP Server for developers building HubSpot Apps",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@heroku/mcp-server",
      "version": "1.2.2",
      "ecosystem": "npm",
      "description": "Heroku Platform MCP Server",
      "github_url": "git+https://github.com/heroku/heroku-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@dynatrace-oss/dynatrace-mcp-server",
      "version": "1.8.4",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for Dynatrace",
      "github_url": "git+https://github.com/dynatrace-oss/dynatrace-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@browserstack/mcp-server",
      "version": "1.2.16",
      "ecosystem": "npm",
      "description": "BrowserStack's Official MCP Server",
      "github_url": "git+https://github.com/browserstack/mcp-server.git",
      "total_cves": 1,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-w5hq-g745-h8pq"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "uuid": [
          {
            "id": "GHSA-w5hq-g745-h8pq",
            "severity": "MEDIUM",
            "summary": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided"
          }
        ]
      }
    },
    {
      "name": "mcp-server-kubernetes",
      "version": "3.5.0",
      "ecosystem": "npm",
      "description": "MCP server for interacting with Kubernetes clusters via kubectl",
      "github_url": "git+https://github.com/Flux159/mcp-server-kubernetes.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@gongrzhe/server-gmail-autoauth-mcp",
      "version": "1.1.11",
      "ecosystem": "npm",
      "description": "Gmail MCP server with auto authentication support",
      "github_url": "git+https://github.com/gongrzhe/server-gmail-autoauth-mcp.git",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-c7w3-x93f-qmm8",
          "GHSA-rcmh-qjqh-p98v",
          "GHSA-vvjj-xcjg-gr5g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-mm7p-fcc7-pg87",
          "GHSA-rcmh-qjqh-p98v"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "nodemailer": [
          {
            "id": "GHSA-c7w3-x93f-qmm8",
            "severity": "LOW",
            "summary": "Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter"
          },
          {
            "id": "GHSA-mm7p-fcc7-pg87",
            "severity": "MEDIUM",
            "summary": "Nodemailer: Email to an unintended domain can occur due to Interpretation Conflict"
          },
          {
            "id": "GHSA-rcmh-qjqh-p98v",
            "severity": "HIGH",
            "summary": "Nodemailer\u2019s addressparser is vulnerable to DoS caused by recursive calls"
          },
          {
            "id": "GHSA-vvjj-xcjg-gr5g",
            "severity": "MEDIUM",
            "summary": "Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO) "
          }
        ]
      }
    },
    {
      "name": "@eslint/mcp",
      "version": "0.3.5",
      "ecosystem": "npm",
      "description": "MCP server for ESLint",
      "github_url": "git+https://github.com/eslint/rewrite.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@z_ai/mcp-server",
      "version": "0.1.4",
      "ecosystem": "npm",
      "description": "MCP Server for Z.AI - A Model Context Protocol server that provides AI capabilities",
      "github_url": "https://docs.z.ai/",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@roychri/mcp-server-asana",
      "version": "1.8.0",
      "ecosystem": "npm",
      "description": "MCP Server for Asana",
      "github_url": "git+https://github.com/roychri/mcp-server-asana.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "tavily-mcp",
      "version": "0.2.19",
      "ecosystem": "npm",
      "description": "MCP server for advanced web search using Tavily",
      "github_url": "git+https://github.com/tavily-ai/tavily-mcp.git",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "kubernetes-mcp-server",
      "version": "0.0.61",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for Kubernetes and OpenShift",
      "github_url": "git+https://github.com/containers/kubernetes-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@azure/mcp",
      "version": "3.0.0-beta.6",
      "ecosystem": "npm",
      "description": "Azure MCP Server - Model Context Protocol implementation for Azure",
      "github_url": "git+https://github.com/microsoft/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@shortcut/mcp",
      "version": "0.24.0",
      "ecosystem": "npm",
      "description": "Shortcut MCP Server",
      "github_url": "git+https://github.com/useshortcut/mcp-server-shortcut.git",
      "total_cves": 2,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ]
      }
    },
    {
      "name": "mcp-server-code-runner",
      "version": "0.1.8",
      "ecosystem": "npm",
      "description": "Code Runner MCP Server",
      "github_url": "git+https://github.com/formulahendry/mcp-server-code-runner.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@taazkareem/clickup-mcp-server",
      "version": "0.14.3",
      "ecosystem": "npm",
      "description": "ClickUp MCP Server - Powering AI Agents with full ClickUp task, document, and chat management capabilities.",
      "github_url": "git+https://github.com/taazkareem/clickup-mcp-server.git",
      "total_cves": 10,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-46wh-pxpv-q5gq"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-46wh-pxpv-q5gq"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "express-rate-limit": [
          {
            "id": "GHSA-46wh-pxpv-q5gq",
            "severity": "HIGH",
            "summary": "express-rate-limit: IPv4-mapped IPv6 addresses bypass per-client rate limiting on servers with dual-stack network"
          }
        ]
      }
    },
    {
      "name": "@alchemy/mcp-server",
      "version": "0.3.0",
      "ecosystem": "npm",
      "description": "MCP server for using Alchemy APIs",
      "github_url": "git+https://github.com/alchemyplatform/alchemy-mcp-server.git",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ]
      }
    },
    {
      "name": "@esaio/esa-mcp-server",
      "version": "0.7.1",
      "ecosystem": "npm",
      "description": "Official MCP server for esa.io - STDIO transport version",
      "github_url": "git+https://github.com/esaio/esa-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@aikidosec/mcp",
      "version": "1.0.5",
      "ecosystem": "npm",
      "description": "Aikido MCP server",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "polaris-mcp-server",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "Shopify Polaris UI Components MCP Server for AI assistants",
      "github_url": "git+https://github.com/shramiknakarmi/polaris-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "codex-mcp-server",
      "version": "1.4.10",
      "ecosystem": "npm",
      "description": "MCP server wrapper for OpenAI Codex CLI",
      "github_url": "git+https://github.com/tuannvm/codex-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "argocd-mcp",
      "version": "0.5.0",
      "ecosystem": "npm",
      "description": "Argo CD MCP Server",
      "github_url": "git+https://github.com/argoproj-labs/mcp-for-argocd.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "slite-mcp-server",
      "version": "1.3.0",
      "ecosystem": "npm",
      "description": "'Slite MCP server'",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "serper-search-scrape-mcp-server",
      "version": "0.1.2",
      "ecosystem": "npm",
      "description": "Serper MCP Server supporting search and webpage scraping",
      "github_url": "git+https://github.com/marcopesani/mcp-server-serper.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "openapi-mcp-generator",
      "version": "3.3.0",
      "ecosystem": "npm",
      "description": "Generates MCP server code from OpenAPI specifications",
      "github_url": "git+https://github.com/harsha-iiiv/openapi-mcp-generator.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@benborla29/mcp-server-mysql",
      "version": "2.0.8",
      "ecosystem": "npm",
      "description": "MCP server for interacting with MySQL databases with write operations support",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@gleanwork/mcp-server-utils",
      "version": "0.10.1",
      "ecosystem": "npm",
      "description": "Shared utilities for MCP server packages",
      "github_url": "git+ssh://git@github.com/gleanwork/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@nexus2520/bitbucket-mcp-server",
      "version": "2.0.4",
      "ecosystem": "npm",
      "description": "MCP server for Bitbucket API integration - supports both Cloud and Server",
      "github_url": "git+https://github.com/pdogra1299/bitbucket-mcp-server.git",
      "total_cves": 10,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-23c5-xmqv-rm74",
          "GHSA-3ppc-4f35-3m26"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-23c5-xmqv-rm74",
          "GHSA-3ppc-4f35-3m26",
          "GHSA-7r86-cg39-jmmj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "minimatch": [
          {
            "id": "GHSA-23c5-xmqv-rm74",
            "severity": "HIGH",
            "summary": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions"
          },
          {
            "id": "GHSA-3ppc-4f35-3m26",
            "severity": "HIGH",
            "summary": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern"
          },
          {
            "id": "GHSA-7r86-cg39-jmmj",
            "severity": "HIGH",
            "summary": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments"
          }
        ]
      }
    },
    {
      "name": "@softeria/ms-365-mcp-server",
      "version": "0.95.0",
      "ecosystem": "npm",
      "description": " A Model Context Protocol (MCP) server for interacting with Microsoft 365 and Office services through the Graph API",
      "github_url": "git+https://github.com/softeria/ms-365-mcp-server.git",
      "total_cves": 1,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-mh29-5h37-fv8m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "js-yaml": [
          {
            "id": "GHSA-mh29-5h37-fv8m",
            "severity": "MEDIUM",
            "summary": "js-yaml has prototype pollution in merge (<<)"
          }
        ]
      }
    },
    {
      "name": "playwright-mcp-server",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "MCP server for generating Playwright tests",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-5j98-mcp5-4vw2",
          "GHSA-7mvr-c777-76hp"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Supply Chain": [
          "GHSA-5j98-mcp5-4vw2",
          "GHSA-7mvr-c777-76hp"
        ],
        "Privilege Escalation": [
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Credential Scope": [
          "GHSA-5j98-mcp5-4vw2"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "glob": [
          {
            "id": "GHSA-5j98-mcp5-4vw2",
            "severity": "HIGH",
            "summary": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
          }
        ],
        "playwright": [
          {
            "id": "GHSA-7mvr-c777-76hp",
            "severity": "HIGH",
            "summary": "Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate"
          }
        ]
      }
    },
    {
      "name": "@brave/brave-search-mcp-server",
      "version": "2.0.80",
      "ecosystem": "npm",
      "description": "Brave Search MCP Server: web results, images, videos, rich results, AI summaries, and more.",
      "github_url": "git+https://github.com/brave/brave-search-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "datadog-mcp-server",
      "version": "1.0.9",
      "ecosystem": "npm",
      "description": "MCP Server for Datadog API",
      "github_url": "git+https://github.com/GeLi2001/datadog-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@siemens/element-mcp",
      "version": "49.7.0-v.1.10.4",
      "ecosystem": "npm",
      "description": "Element MCP server",
      "github_url": "https://code.siemens.com/ux/sdl-mcp",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@microsoft/workiq",
      "version": "0.4.1",
      "ecosystem": "npm",
      "description": "MCP server for Microsoft 365 Copilot",
      "github_url": "git+https://github.com/microsoft/work-iq.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@tsmztech/mcp-server-salesforce",
      "version": "0.0.6",
      "ecosystem": "npm",
      "description": "A Salesforce connector MCP Server.",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "godot-mcp-server",
      "version": "0.5.0",
      "ecosystem": "npm",
      "description": "MCP server for Godot game engine integration",
      "github_url": "git+https://github.com/tomyud1/godot-mcp.git",
      "total_cves": 1,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ]
      }
    },
    {
      "name": "browser-devtools-mcp",
      "version": "0.6.11",
      "ecosystem": "npm",
      "description": "MCP Server for Browser Dev Tools",
      "github_url": "git+https://github.com/serkan-ozal/browser-devtools-mcp.git",
      "total_cves": 22,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Privilege Escalation": [
          "GHSA-92pp-h63x-v22m",
          "GHSA-w332-q679-j88p",
          "GHSA-wmmm-f939-6g9c"
        ],
        "Code Execution": [
          "GHSA-wc8c-qw6v-h7f6",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-6wqw-2p9w-4vw4",
          "GHSA-9r54-q6cx-xmh5",
          "GHSA-p6xx-57qc-3wxr",
          "GHSA-q5qw-h33p-qvwr",
          "GHSA-w332-q679-j88p",
          "GHSA-3v7f-55p6-f55p",
          "GHSA-c2c7-rcm5-vvqj"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-wc8c-qw6v-h7f6",
          "GHSA-q5qw-h33p-qvwr",
          "GHSA-xf4j-xp2r-rqqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-26pp-8wgv-hjvm",
          "GHSA-5pq2-9x2x-5p6w",
          "GHSA-gq3j-xvxp-8hrf",
          "GHSA-r354-f388-2fhh",
          "GHSA-r5rp-j6wh-rvv4",
          "GHSA-xpcf-pg52-r92g",
          "GHSA-c2c7-rcm5-vvqj"
        ],
        "Prompt Injection": [
          "GHSA-458j-xx4x-4375",
          "GHSA-9r54-q6cx-xmh5",
          "GHSA-c2c7-rcm5-vvqj"
        ],
        "Output Weaponization": [
          "GHSA-6wqw-2p9w-4vw4",
          "GHSA-9r54-q6cx-xmh5",
          "GHSA-w332-q679-j88p"
        ],
        "Tool Poisoning": [
          "GHSA-v8w9-8mx6-g223"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@hono/node-server": [
          {
            "id": "GHSA-92pp-h63x-v22m",
            "severity": "MEDIUM",
            "summary": "@hono/node-server: Middleware bypass via repeated slashes in serveStatic"
          },
          {
            "id": "GHSA-wc8c-qw6v-h7f6",
            "severity": "HIGH",
            "summary": "@hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "hono": [
          {
            "id": "GHSA-26pp-8wgv-hjvm",
            "severity": "MEDIUM",
            "summary": "Hono missing validation of cookie name on write path in setCookie()"
          },
          {
            "id": "GHSA-458j-xx4x-4375",
            "severity": "MEDIUM",
            "summary": "hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR"
          },
          {
            "id": "GHSA-5pq2-9x2x-5p6w",
            "severity": "MEDIUM",
            "summary": "Hono Vulnerable to Cookie Attribute Injection via Unsanitized domain and path in setCookie()"
          },
          {
            "id": "GHSA-6wqw-2p9w-4vw4",
            "severity": "MEDIUM",
            "summary": "Hono cache middleware ignores \"Cache-Control: private\" leading to Web Cache Deception"
          },
          {
            "id": "GHSA-9r54-q6cx-xmh5",
            "severity": "MEDIUM",
            "summary": "Hono vulnerable to XSS through ErrorBoundary component "
          },
          {
            "id": "GHSA-gq3j-xvxp-8hrf",
            "severity": "LOW",
            "summary": "Hono added timing comparison hardening in basicAuth and bearerAuth"
          },
          {
            "id": "GHSA-p6xx-57qc-3wxr",
            "severity": "MEDIUM",
            "summary": "Hono Vulnerable to SSE Control Field Injection via CR/LF in writeSSE()"
          },
          {
            "id": "GHSA-q5qw-h33p-qvwr",
            "severity": "HIGH",
            "summary": "Hono vulnerable to arbitrary file access via serveStatic vulnerability "
          },
          {
            "id": "GHSA-r354-f388-2fhh",
            "severity": "MEDIUM",
            "summary": "Hono IPv4 address validation bypass in IP Restriction Middleware allows IP spoofing"
          },
          {
            "id": "GHSA-r5rp-j6wh-rvv4",
            "severity": "MEDIUM",
            "summary": "Hono: Non-breaking space prefix bypass in cookie name handling in getCookie()"
          },
          {
            "id": "GHSA-v8w9-8mx6-g223",
            "severity": "MEDIUM",
            "summary": "Hono vulnerable to Prototype Pollution possible through __proto__ key allowed in parseBody({ dot: true })"
          },
          {
            "id": "GHSA-w332-q679-j88p",
            "severity": "MEDIUM",
            "summary": "Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)"
          },
          {
            "id": "GHSA-wmmm-f939-6g9c",
            "severity": "MEDIUM",
            "summary": "Hono: Middleware bypass via repeated slashes in serveStatic"
          },
          {
            "id": "GHSA-xf4j-xp2r-rqqx",
            "severity": "MEDIUM",
            "summary": "Hono: Path traversal in toSSG() allows writing files outside the output directory"
          },
          {
            "id": "GHSA-xpcf-pg52-r92g",
            "severity": "MEDIUM",
            "summary": "Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses"
          }
        ],
        "picomatch": [
          {
            "id": "GHSA-3v7f-55p6-f55p",
            "severity": "MEDIUM",
            "summary": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching"
          },
          {
            "id": "GHSA-c2c7-rcm5-vvqj",
            "severity": "HIGH",
            "summary": "Picomatch has a ReDoS vulnerability via extglob quantifiers"
          }
        ]
      }
    },
    {
      "name": "malicious-mcp-server",
      "version": "1.5.0",
      "ecosystem": "npm",
      "description": "A deliberately malicious MCP server for E2E testing purposes",
      "github_url": "git+https://github.com/anysource-AI/malicious-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@regle/mcp-server",
      "version": "1.24.0",
      "ecosystem": "npm",
      "description": "MCP Server for Regle",
      "github_url": "git+https://github.com/victorgarciaesgi/regle.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-evals",
      "version": "2.0.1",
      "ecosystem": "npm",
      "description": "GitHub Action for evaluating MCP server tool calls using LLM-based scoring",
      "github_url": "git+https://github.com/mclenhard/mcp-evals.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-mh29-5h37-fv8m"
        ],
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-rwvc-j5jr-mgvh"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "js-yaml": [
          {
            "id": "GHSA-mh29-5h37-fv8m",
            "severity": "MEDIUM",
            "summary": "js-yaml has prototype pollution in merge (<<)"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "ai": [
          {
            "id": "GHSA-rwvc-j5jr-mgvh",
            "severity": "LOW",
            "summary": "Vercel\u2019s AI SDK's filetype whitelists can be bypassed when uploading files"
          }
        ]
      }
    },
    {
      "name": "storybook-mcp-server",
      "version": "0.1.3",
      "ecosystem": "npm",
      "description": "MCP server for Storybook - provides AI assistants access to components, stories, properties and screenshots",
      "github_url": "git+https://github.com/stefanoamorelli/storybook-mcp-server.git",
      "total_cves": 8,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "@line/line-bot-mcp-server",
      "version": "0.4.2",
      "ecosystem": "npm",
      "description": "MCP server for interacting with your LINE Official Account",
      "github_url": "git+ssh://git@github.com/line/line-bot-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@storybook/mcp",
      "version": "0.7.0",
      "ecosystem": "npm",
      "description": "MCP server that serves knowledge about your components based on your Storybook stories and documentation",
      "github_url": "git+https://github.com/storybookjs/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@vibeframe/mcp-server",
      "version": "0.99.1",
      "ecosystem": "npm",
      "description": "VibeFrame MCP Server - AI-native video editing via Model Context Protocol",
      "github_url": "git+https://github.com/vericontext/vibeframe.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@delorenj/mcp-server-trello",
      "version": "1.7.1",
      "ecosystem": "npm",
      "description": "An MCP server for Trello boards, powered by Bun for maximum performance.",
      "github_url": "git+https://github.com/delorenj/mcp-server-trello.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "@mcp-apps/kusto-mcp-server",
      "version": "1.0.46",
      "ecosystem": "npm",
      "description": "MCP server for interacting with Kusto databases",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "wikipedia-mcp-server",
      "version": "0.0.2",
      "ecosystem": "npm",
      "description": "Wikipedia MCP Server",
      "github_url": "https://github.com/hatsu38/wikipedia-mcp-server",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "mcp-searxng",
      "version": "1.0.3",
      "ecosystem": "npm",
      "description": "MCP server for SearXNG integration",
      "github_url": "git+https://github.com/ihor-sokoliuk/mcp-searxng.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@muscular/robotmem",
      "version": "0.1.2",
      "ecosystem": "npm",
      "description": "Thin npm wrapper for the robotmem Python CLI and MCP server.",
      "github_url": "git+https://github.com/vcanchik/robotmem.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@stripe/mcp",
      "version": "0.3.3",
      "ecosystem": "npm",
      "description": "A command line tool for setting up Stripe MCP server",
      "github_url": "git+https://github.com/stripe/ai.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@tocharianou/mcp-server-kibana",
      "version": "0.7.4",
      "ecosystem": "npm",
      "description": "Kibana MCP Server",
      "github_url": "git+https://github.com/TocharianOU/mcp-server-kibana.git",
      "total_cves": 9,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-mh29-5h37-fv8m"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-2g4f-4pwh-qvx6",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "ajv": [
          {
            "id": "GHSA-2g4f-4pwh-qvx6",
            "severity": "MEDIUM",
            "summary": "ajv has ReDoS when using `$data` option"
          }
        ],
        "js-yaml": [
          {
            "id": "GHSA-mh29-5h37-fv8m",
            "severity": "MEDIUM",
            "summary": "js-yaml has prototype pollution in merge (<<)"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@gleanwork/local-mcp-server",
      "version": "0.10.1",
      "ecosystem": "npm",
      "description": "MCP server for Glean API integration",
      "github_url": "git+ssh://git@github.com/gleanwork/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@mantine/mcp-server",
      "version": "9.1.1",
      "ecosystem": "npm",
      "description": "MCP server for Mantine documentation",
      "github_url": "git+https://github.com/mantinedev/mantine.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-server-docker",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "MCP server for executing commands in Docker containers",
      "github_url": "git+https://github.com/adamdude828/mcp-server-docker.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w5hq-g745-h8pq"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "uuid": [
          {
            "id": "GHSA-w5hq-g745-h8pq",
            "severity": "MEDIUM",
            "summary": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided"
          }
        ]
      }
    },
    {
      "name": "agentmail-mcp",
      "version": "0.2.2",
      "ecosystem": "npm",
      "description": "AgentMail MCP Server",
      "github_url": "git+https://github.com/agentmail-to/agentmail-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@firefly-iii-mcp/server",
      "version": "1.4.0",
      "ecosystem": "npm",
      "description": "Host Firefly III MCP server as a service.",
      "github_url": "git+https://github.com/etnperlong/firefly-iii-mcp.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@zereight/mcp-gitlab",
      "version": "2.1.4",
      "ecosystem": "npm",
      "description": "GitLab MCP server for projects, merge requests, issues, pipelines, wiki, releases, and more",
      "github_url": "git+https://github.com/zereight/gitlab-mcp.git",
      "total_cves": 3,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-fjxv-7rqg-78g4"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ],
        "form-data": [
          {
            "id": "GHSA-fjxv-7rqg-78g4",
            "severity": "CRITICAL",
            "summary": "form-data uses unsafe random function in form-data for choosing boundary"
          }
        ]
      }
    },
    {
      "name": "deepl-mcp-server",
      "version": "1.1.0",
      "ecosystem": "npm",
      "description": "MCP server for DeepL translation API",
      "github_url": "git+https://github.com/DeepLcom/deepl-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@nexus2520/jira-mcp-server",
      "version": "1.1.2",
      "ecosystem": "npm",
      "description": "MCP server for Jira API integration - supports Jira Cloud",
      "github_url": "git+https://github.com/pdogra1299/jira-mcp-server.git",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ]
      }
    },
    {
      "name": "@qase/mcp-server",
      "version": "1.1.7",
      "ecosystem": "npm",
      "description": "Official MCP server for Qase Test Management Platform",
      "github_url": "git+https://github.com/qase-tms/qase-mcp-server.git",
      "total_cves": 4,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ]
      }
    },
    {
      "name": "@splicr/mcp-server",
      "version": "0.18.0",
      "ecosystem": "npm",
      "description": "Splicr MCP server \u2014 route what you read to what you're building",
      "github_url": "git+https://github.com/c0ncepT23/Splicr.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-mh29-5h37-fv8m"
        ],
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "js-yaml": [
          {
            "id": "GHSA-mh29-5h37-fv8m",
            "severity": "MEDIUM",
            "summary": "js-yaml has prototype pollution in merge (<<)"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@smartbear/mcp",
      "version": "0.19.0",
      "ecosystem": "npm",
      "description": "MCP server for interacting SmartBear Products",
      "github_url": "git+ssh://git@github.com/SmartBear/smartbear-mcp.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-4w7w-66w2-5vf9",
          "GHSA-p9ff-h696-f583",
          "GHSA-v2wj-q39q-566r"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-4w7w-66w2-5vf9",
          "GHSA-p9ff-h696-f583"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "vite": [
          {
            "id": "GHSA-4w7w-66w2-5vf9",
            "severity": "MEDIUM",
            "summary": "Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling"
          },
          {
            "id": "GHSA-p9ff-h696-f583",
            "severity": "HIGH",
            "summary": "Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket"
          },
          {
            "id": "GHSA-v2wj-q39q-566r",
            "severity": "HIGH",
            "summary": "Vite: `server.fs.deny` bypassed with queries"
          }
        ]
      }
    },
    {
      "name": "@azure/mcp-linux-x64",
      "version": "3.0.0-beta.6",
      "ecosystem": "npm",
      "description": "Azure MCP Server - Model Context Protocol implementation for Azure, for linux on x64",
      "github_url": "git+https://github.com/microsoft/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "hostinger-api-mcp",
      "version": "0.1.37",
      "ecosystem": "npm",
      "description": "MCP server for Hostinger API",
      "github_url": "git+https://github.com/hostinger/api-mcp-server.git",
      "total_cves": 8,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "@microsoft/clarity-mcp-server",
      "version": "2.0.1",
      "ecosystem": "npm",
      "description": "MCP Server for Microsoft Clarity based on data export API",
      "github_url": "git+https://github.com/microsoft/clarity-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "slack-mcp-server",
      "version": "1.2.3",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for Slack Workspaces. This integration supports both Stdio and SSE transports, proxy settings and does not require any permissions or bots being created or approved by Workspace admins",
      "github_url": "git+https://github.com/korotovsky/slack-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "fsb-mcp-server",
      "version": "0.7.4",
      "ecosystem": "npm",
      "description": "FSB Browser Automation MCP Server",
      "github_url": "git+https://github.com/lakshmanturlapati/FSB.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@yjzf/mcp-server-yjzf",
      "version": "0.2.3",
      "ecosystem": "npm",
      "description": "MCP Server for YJZF",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-4r6h-8v6p-xvw6"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5pgg-2g8v-p4x9"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "xlsx": [
          {
            "id": "GHSA-4r6h-8v6p-xvw6",
            "severity": "HIGH",
            "summary": "Prototype Pollution in sheetJS"
          },
          {
            "id": "GHSA-5pgg-2g8v-p4x9",
            "severity": "HIGH",
            "summary": "SheetJS Regular Expression Denial of Service (ReDoS)"
          }
        ]
      }
    },
    {
      "name": "@wonderwhy-er/desktop-commander",
      "version": "0.2.40",
      "ecosystem": "npm",
      "description": "MCP server for terminal operations and file editing",
      "github_url": "https://github.com/wonderwhy-er/DesktopCommanderMCP",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Supply Chain": [
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Privilege Escalation": [
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Code Execution": [
          "GHSA-5j98-mcp5-4vw2",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-j47w-4g3g-c36v"
        ],
        "Credential Scope": [
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Output Weaponization": [
          "GHSA-5j98-mcp5-4vw2"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-5v7r-6r5c-r473",
          "GHSA-j47w-4g3g-c36v",
          "GHSA-38c4-r59v-3vqw"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "glob": [
          {
            "id": "GHSA-5j98-mcp5-4vw2",
            "severity": "HIGH",
            "summary": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "file-type": [
          {
            "id": "GHSA-5v7r-6r5c-r473",
            "severity": "MEDIUM",
            "summary": "file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header"
          },
          {
            "id": "GHSA-j47w-4g3g-c36v",
            "severity": "MEDIUM",
            "summary": "file-type: ZIP Decompression Bomb DoS via [Content_Types].xml entry"
          }
        ],
        "markdown-it": [
          {
            "id": "GHSA-38c4-r59v-3vqw",
            "severity": "MEDIUM",
            "summary": "markdown-it has a Regular Expression Denial of Service (ReDoS)"
          }
        ]
      }
    },
    {
      "name": "@transloadit/mcp-server",
      "version": "0.3.19",
      "ecosystem": "npm",
      "description": "Transloadit MCP server",
      "github_url": "git+https://github.com/transloadit/node-sdk.git",
      "total_cves": 1,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ]
      }
    },
    {
      "name": "@drawio/mcp",
      "version": "1.2.6",
      "ecosystem": "npm",
      "description": "Official draw.io MCP server for LLMs - Open diagrams in draw.io editor",
      "github_url": "git+https://github.com/jgraph/drawio-mcp.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-2v35-w6hq-6mfw",
          "GHSA-f6ww-3ggp-fr8h"
        ],
        "Infrastructure & Runtime": [
          "GHSA-2v35-w6hq-6mfw",
          "GHSA-j759-j44w-7fr8",
          "GHSA-wh4c-j3r5-mjhp",
          "GHSA-x6wf-f3px-wcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@xmldom/xmldom": [
          {
            "id": "GHSA-2v35-w6hq-6mfw",
            "severity": "HIGH",
            "summary": "xmldom: Uncontrolled recursion in XML serialization leads to DoS"
          },
          {
            "id": "GHSA-f6ww-3ggp-fr8h",
            "severity": "HIGH",
            "summary": "xmldom has XML injection through unvalidated DocumentType serialization"
          },
          {
            "id": "GHSA-j759-j44w-7fr8",
            "severity": "HIGH",
            "summary": "xmldom has XML node injection through unvalidated comment serialization"
          },
          {
            "id": "GHSA-wh4c-j3r5-mjhp",
            "severity": "HIGH",
            "summary": "xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion"
          },
          {
            "id": "GHSA-x6wf-f3px-wcqx",
            "severity": "HIGH",
            "summary": "xmldom has XML node injection through unvalidated processing instruction serialization"
          }
        ]
      }
    },
    {
      "name": "@azure/mcp-win32-x64",
      "version": "3.0.0-beta.6",
      "ecosystem": "npm",
      "description": "Azure MCP Server - Model Context Protocol implementation for Azure, for win32 on x64",
      "github_url": "git+https://github.com/microsoft/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "cclsp",
      "version": "0.7.0",
      "ecosystem": "npm",
      "description": "MCP server for accessing LSP functionality",
      "github_url": "git+https://github.com/ktnyt/cclsp.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "narrarium-mcp-server",
      "version": "0.1.50",
      "ecosystem": "npm",
      "description": "Local MCP server for Narrarium book repositories.",
      "github_url": "git+https://github.com/KeyserDSoze/GhostWriterFramework.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "agentdrop-mcp-server",
      "version": "0.2.25",
      "ecosystem": "npm",
      "description": "MCP server for AgentDrop \u2014 agent communication infrastructure",
      "github_url": "git+https://github.com/qFlav/AgentDrop.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@artyfacts/mcp-server",
      "version": "1.9.14",
      "ecosystem": "npm",
      "description": "MCP server exposing Artyfacts tools for Claude Code and OpenClaw",
      "github_url": "git+https://github.com/artygracie/artyfacts.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@knip/mcp",
      "version": "0.0.28",
      "ecosystem": "npm",
      "description": "Knip MCP Server",
      "github_url": "git+https://github.com/webpro-nl/knip.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@moneyforward_i/admina-mcp-server",
      "version": "1.0.3",
      "ecosystem": "npm",
      "description": "An MCP server for Admina",
      "github_url": "https://github.com/moneyforward-i/admina-mcp-server.git",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@kintone/mcp-server",
      "version": "1.3.12",
      "ecosystem": "npm",
      "description": "The official MCP Server for kintone",
      "github_url": "git+https://github.com/kintone/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "targetprocess-mcp-server",
      "version": "2.0.6",
      "ecosystem": "npm",
      "description": "MCP server for Target Process",
      "github_url": "git+https://github.com/SerhiiMaksymiv/targetprocess-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@growthbook/mcp",
      "version": "1.8.1",
      "ecosystem": "npm",
      "description": "MCP Server for interacting with GrowthBook",
      "github_url": "git+https://github.com/growthbook/growthbook-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "todoist-mcp",
      "version": "1.3.4",
      "ecosystem": "npm",
      "description": "Todoist MCP Server",
      "github_url": "git+https://github.com/stanislavlysenko0912/todoist-mcp-server.git",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-w5hq-g745-h8pq",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-m95q-7qp3-xv42"
        ],
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "uuid": [
          {
            "id": "GHSA-w5hq-g745-h8pq",
            "severity": "MEDIUM",
            "summary": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "zod": [
          {
            "id": "GHSA-m95q-7qp3-xv42",
            "severity": "MEDIUM",
            "summary": "Zod denial of service vulnerability"
          }
        ]
      }
    },
    {
      "name": "agent-orchestrator-mcp-server",
      "version": "0.7.17",
      "ecosystem": "npm",
      "description": "Local implementation of agent-orchestrator MCP server",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "rewind-mcp-server",
      "version": "0.9.0",
      "ecosystem": "npm",
      "description": "MCP server for the Rewind personal data API",
      "github_url": "git+https://github.com/pdugan20/rewind.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@ehrocks/fe-mcp-server",
      "version": "1.0.6",
      "ecosystem": "npm",
      "description": "MCP server for searching Hero Design System components",
      "github_url": "git+https://github.com/thinkei/fe-mcp-service.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@asgcard/mcp-server",
      "version": "0.6.3",
      "ecosystem": "npm",
      "description": "MCP Server for ASG Card \u2014 give AI agents autonomous virtual card management via x402",
      "github_url": "git+https://github.com/ASGCompute/asgcard-public.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@cocal/google-calendar-mcp",
      "version": "2.6.1",
      "ecosystem": "npm",
      "description": "Google Calendar MCP Server with extensive support for calendar management",
      "github_url": "git+https://github.com/nspady/google-calendar-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@unthread-io/mcp-server",
      "version": "1.3.1",
      "ecosystem": "npm",
      "description": "Unthread MCP Server",
      "github_url": "git+https://github.com/unthread-io/mcp-server.git",
      "total_cves": 1,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ]
      }
    },
    {
      "name": "openapi-mcp-server",
      "version": "2.1.0",
      "ecosystem": "npm",
      "description": "MCP server for interacting with openapisearch.com API",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@next-ai-drawio/mcp-server",
      "version": "0.2.0",
      "ecosystem": "npm",
      "description": "MCP server for Next AI Draw.io - AI-powered diagram generation with real-time browser preview",
      "github_url": "git+https://github.com/DayuanJiang/next-ai-draw-io.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "linkup-mcp-server",
      "version": "3.0.1",
      "ecosystem": "npm",
      "description": "Linkup MCP server for web search",
      "github_url": "git+https://github.com/LinkupPlatform/linkup-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "kosyak-evm-mcp-server",
      "version": "2.23.3",
      "ecosystem": "npm",
      "description": "MCP server for EVM blockchains \u2014 43 tools, 10 prompts, 70+ networks",
      "github_url": "git+https://github.com/kosyakdev/evm-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@google-cloud/gcloud-mcp",
      "version": "0.5.3",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) Server for interacting with GCP APIs",
      "github_url": "git+https://github.com/googleapis/gcloud-mcp.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "@tankpkg/mcp-server",
      "version": "0.15.4",
      "ecosystem": "npm",
      "description": "MCP server for Tank - scan and publish AI agent skills from your editor",
      "github_url": "git+https://github.com/tankpkg/tank.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@structured-world/gitlab-mcp",
      "version": "7.2.0",
      "ecosystem": "npm",
      "description": "Advanced GitLab MCP server",
      "github_url": "git+https://github.com/structured-world/gitlab-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-server-linear",
      "version": "1.6.0",
      "ecosystem": "npm",
      "description": "An MCP server for interacting with Linear's API, providing tools for managing issues, projects, and teams",
      "github_url": "git+https://github.com/dvcrn/mcp-server-linear.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@google-cloud/observability-mcp",
      "version": "0.2.3",
      "ecosystem": "npm",
      "description": "MCP Server for GCP environment for interacting with various Observability APIs.",
      "github_url": "git+https://github.com/googleapis/gcloud-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@hugeicons/mcp-server",
      "version": "0.2.1",
      "ecosystem": "npm",
      "description": "MCP server for Hugeicons search and usage documentation",
      "github_url": "git+https://github.com/hugeicons/mcp-server.git",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@zapier/zapier-sdk-mcp",
      "version": "0.11.6",
      "ecosystem": "npm",
      "description": "MCP server for Zapier SDK",
      "github_url": "git+https://gitlab.com/zapier/zapier-sdk/zapier-sdk.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@fangjunjie/ssh-mcp-server",
      "version": "1.6.1",
      "ecosystem": "npm",
      "description": "SSH-based MCP Server (\u57fa\u4e8e SSH \u7684 MCP \u670d\u52a1\u5668)",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@dinanathdash/envault-mcp-server",
      "version": "1.12.0",
      "ecosystem": "npm",
      "description": "MCP server for Envault CLI operations",
      "github_url": "git+https://github.com/DinanathDash/Envault.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "mcp-atlassian",
      "version": "2.1.0",
      "ecosystem": "npm",
      "description": "MCP server for Atlassian (Confluence and Jira) integration",
      "github_url": "git+https://github.com/Vijay-Duke/mcp-atlassian.git",
      "total_cves": 16,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-cj63-jhhr-wcxv"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-39q2-94rc-95cp"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-cj63-jhhr-wcxv",
          "GHSA-v9jr-rg53-9pgp"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-h7mw-gpvr-xq4m"
        ],
        "Prompt Injection": [
          "GHSA-cj63-jhhr-wcxv",
          "GHSA-cjmm-f4jc-qw8r",
          "GHSA-crv5-9vww-q3g8",
          "GHSA-h8r8-wccr-v5f2",
          "GHSA-v2wj-7wpq-c8vv",
          "GHSA-v8jm-5vwx-cfxm",
          "GHSA-v9jr-rg53-9pgp"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "dompurify": [
          {
            "id": "GHSA-39q2-94rc-95cp",
            "severity": "MEDIUM",
            "summary": "DOMPurify's ADD_TAGS function form bypasses FORBID_TAGS due to short-circuit evaluation"
          },
          {
            "id": "GHSA-cj63-jhhr-wcxv",
            "severity": "MEDIUM",
            "summary": "DOMPurify USE_PROFILES prototype pollution allows event handlers"
          },
          {
            "id": "GHSA-cjmm-f4jc-qw8r",
            "severity": "MEDIUM",
            "summary": "DOMPurify ADD_ATTR predicate skips URI validation"
          },
          {
            "id": "GHSA-crv5-9vww-q3g8",
            "severity": "MEDIUM",
            "summary": "DOMPurify has a SAFE_FOR_TEMPLATES bypass in RETURN_DOM mode"
          },
          {
            "id": "GHSA-h7mw-gpvr-xq4m",
            "severity": "MEDIUM",
            "summary": "DOMPurify: FORBID_TAGS bypassed by function-based ADD_TAGS predicate (asymmetry with FORBID_ATTR fix)"
          },
          {
            "id": "GHSA-h8r8-wccr-v5f2",
            "severity": "MEDIUM",
            "summary": "DOMPurify is vulnerable to mutation-XSS via Re-Contextualization"
          },
          {
            "id": "GHSA-v2wj-7wpq-c8vv",
            "severity": "MEDIUM",
            "summary": "DOMPurify contains a Cross-site Scripting vulnerability"
          },
          {
            "id": "GHSA-v8jm-5vwx-cfxm",
            "severity": "MEDIUM",
            "summary": "DOMPurify contains a Cross-site Scripting vulnerability"
          },
          {
            "id": "GHSA-v9jr-rg53-9pgp",
            "severity": "MEDIUM",
            "summary": "DOMPurify: Prototype Pollution to XSS Bypass via CUSTOM_ELEMENT_HANDLING Fallback"
          }
        ]
      }
    },
    {
      "name": "@r-huijts/strava-mcp-server",
      "version": "1.2.1",
      "ecosystem": "npm",
      "description": "MCP server for Strava API",
      "github_url": "git+https://github.com/r-huijts/strava-mcp.git",
      "total_cves": 9,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-m95q-7qp3-xv42"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ],
        "zod": [
          {
            "id": "GHSA-m95q-7qp3-xv42",
            "severity": "MEDIUM",
            "summary": "Zod denial of service vulnerability"
          }
        ]
      }
    },
    {
      "name": "@vapi-ai/mcp-server",
      "version": "0.0.9",
      "ecosystem": "npm",
      "description": "Vapi MCP Server",
      "github_url": "git+https://github.com/VapiAI/mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@letsrunit/mcp-server",
      "version": "0.20.0",
      "ecosystem": "npm",
      "description": "MCP server for letsrunit \u2014 AI-agent browser test generation and execution",
      "github_url": "https://github.com/letsrunit-hq/letsrunit.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mysql-mcp-server",
      "version": "0.1.3",
      "ecosystem": "npm",
      "description": "An MCP server that provides read-only access to MySQL databases.",
      "github_url": "git+https://github.com/dpflucas/mysql-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "bugsnag-mcp-server",
      "version": "1.1.0",
      "ecosystem": "npm",
      "description": "A Bugsnag MCP server for interacting with Bugsnag API",
      "github_url": "git+https://github.com/yourusername/bugsnag-mcp.git",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@idealyst/mcp-server",
      "version": "1.3.19",
      "ecosystem": "npm",
      "description": "MCP server providing documentation and examples for the Idealyst framework",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@azure/mcp-darwin-arm64",
      "version": "3.0.0-beta.6",
      "ecosystem": "npm",
      "description": "Azure MCP Server - Model Context Protocol implementation for Azure, for darwin on arm64",
      "github_url": "git+https://github.com/microsoft/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-echo-server",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "A minimal MCP server template that echoes messages",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@wraithwalker/mcp-server",
      "version": "2.4.0",
      "ecosystem": "npm",
      "description": "MCP server for exposing WraithWalker fixture directories to AI agents.",
      "github_url": "git+https://github.com/VictorQueiroz/WraithWalker.git",
      "total_cves": 1,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-43p4-m455-4f4j"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43p4-m455-4f4j"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@trpc/server": [
          {
            "id": "GHSA-43p4-m455-4f4j",
            "severity": "HIGH",
            "summary": "tRPC has possible prototype pollution in `experimental_nextAppDirCaller`"
          }
        ]
      }
    },
    {
      "name": "clinicaltrialsgov-mcp-server",
      "version": "2.4.2",
      "ecosystem": "npm",
      "description": "MCP server for the ClinicalTrials.gov v2 API. Search trials, retrieve study details and results, and match patients to eligible trials.",
      "github_url": "git+https://github.com/cyanheads/clinicaltrialsgov-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@cyanheads/git-mcp-server",
      "version": "2.15.0",
      "ecosystem": "npm",
      "description": "A secure and scalable Git MCP server enabling AI agents to perform comprehensive Git version control operations via STDIO and Streamable HTTP.",
      "github_url": "git+https://github.com/cyanheads/git-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "zd-mcp-server",
      "version": "0.5.0",
      "ecosystem": "npm",
      "description": "Zendesk MCP Server - Model Context Protocol server for Zendesk Support integration",
      "github_url": "git+https://github.com/koundinya/zd-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@jinzcdev/markmap-mcp-server",
      "version": "0.1.1",
      "ecosystem": "npm",
      "description": "MCP server for converting Markdown to interactive mind maps with export support (PNG/JPG/SVG)",
      "github_url": "git+https://github.com/jinzcdev/markmap-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@antv/mcp-server-chart",
      "version": "0.9.10",
      "ecosystem": "npm",
      "description": "A Model Context Protocol server for generating charts using AntV. This is a TypeScript-based MCP server that provides chart generation capabilities. It allows you to create various types of charts through MCP tools.",
      "github_url": "git+https://github.com/antvis/mcp-server-chart.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ]
      }
    },
    {
      "name": "airweave-mcp-search",
      "version": "0.9.62",
      "ecosystem": "npm",
      "description": "MCP server for searching Airweave collections",
      "github_url": "git+https://github.com/airweave-ai/airweave.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "unifi-network-mcp",
      "version": "0.1.3",
      "ecosystem": "npm",
      "description": "Read-only MCP server for UniFi Network controllers",
      "github_url": "git+https://github.com/ryanbehan/unifi-network-mcp.git",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "figma-mcp-server",
      "version": "2.1.1",
      "ecosystem": "npm",
      "description": "A comprehensive local MCP server for Figma. Connect Figma with the Gemini CLI, Cursor, and Claude Desktop.",
      "github_url": "git+https://github.com/planetabhi/figma-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "scrapeless-mcp-server",
      "version": "0.4.9",
      "ecosystem": "npm",
      "description": "Scrapeless Mcp Server",
      "github_url": "git+https://github.com/scrapeless-ai/scrapeless-mcp-server.git",
      "total_cves": 10,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-cvhv-6xm6-c3v4",
          "GHSA-r7x9-8ph7-w8cg",
          "GHSA-w5cr-2qhr-jqc5"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-48c2-rrv3-qjmp"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Prompt Injection": [
          "GHSA-cvhv-6xm6-c3v4",
          "GHSA-w5cr-2qhr-jqc5"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "agents": [
          {
            "id": "GHSA-cvhv-6xm6-c3v4",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler"
          },
          {
            "id": "GHSA-r7x9-8ph7-w8cg",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing"
          },
          {
            "id": "GHSA-w5cr-2qhr-jqc5",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site"
          }
        ],
        "yaml": [
          {
            "id": "GHSA-48c2-rrv3-qjmp",
            "severity": "MEDIUM",
            "summary": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections"
          }
        ]
      }
    },
    {
      "name": "@skanda-yutori/mcp-send-email",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "MCP server for sending emails via Resend API",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@h-ear/mcp-server",
      "version": "1.1.8",
      "ecosystem": "npm",
      "description": "MCP server for the H-ear World audio classification API \u2014 connect Claude, ChatGPT, and other AI agents to 521+ sound classes",
      "github_url": "git+https://github.com/noise-control-monitor/ncm-monorepo.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "search-mcp-server",
      "version": "0.14.4",
      "ecosystem": "npm",
      "description": "MCP server for browser automation via Jan Browser extension - provides tools for web navigation, interaction, and search",
      "github_url": "git+https://github.com/janhq/jan-browser-extension.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-w5hq-g745-h8pq",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "uuid": [
          {
            "id": "GHSA-w5hq-g745-h8pq",
            "severity": "MEDIUM",
            "summary": "uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@diskd-ai/email-mcp",
      "version": "0.3.8",
      "ecosystem": "npm",
      "description": "Email MCP server with IMAP + SMTP support",
      "github_url": "git+https://github.com/codefuturist/email-mcp.git",
      "total_cves": 3,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-c7w3-x93f-qmm8",
          "GHSA-vvjj-xcjg-gr5g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-v3rj-xjv7-4jmq"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "nodemailer": [
          {
            "id": "GHSA-c7w3-x93f-qmm8",
            "severity": "LOW",
            "summary": "Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter"
          },
          {
            "id": "GHSA-vvjj-xcjg-gr5g",
            "severity": "MEDIUM",
            "summary": "Nodemailer Vulnerable to SMTP Command Injection via CRLF in Transport name Option (EHLO/HELO)"
          }
        ],
        "smol-toml": [
          {
            "id": "GHSA-v3rj-xjv7-4jmq",
            "severity": "MEDIUM",
            "summary": "smol-toml: Denial of Service via TOML documents containing thousands of consecutive commented lines"
          }
        ]
      }
    },
    {
      "name": "@translated/lara-mcp",
      "version": "1.0.1",
      "ecosystem": "npm",
      "description": "Lara API official MCP server",
      "github_url": "git+https://github.com/translated/lara-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@get-technology-inc/jamf-docs-mcp-server",
      "version": "3.0.17",
      "ecosystem": "npm",
      "description": "MCP Server for accessing Jamf Documentation (learn.jamf.com)",
      "github_url": "git+https://github.com/GET-Technology-Inc/jamf-docs-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "vite-plugin-mcp",
      "version": "0.3.2",
      "ecosystem": "npm",
      "description": "MCP server helping models to understand your Vite app better.",
      "github_url": "git+https://github.com/antfu/nuxt-mcp-dev.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "@ai-dossier/mcp-server",
      "version": "1.3.0",
      "ecosystem": "npm",
      "description": "MCP server for dossier automation standard - enables LLMs to discover, verify, and execute dossiers",
      "github_url": "git+https://github.com/imboard-ai/ai-dossier.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "fdic-mcp-server",
      "version": "1.30.0",
      "ecosystem": "npm",
      "description": "MCP server for the FDIC BankFind Suite API",
      "github_url": "git+https://github.com/jflamb/fdic-mcp-server.git",
      "total_cves": 10,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "ios-simulator-mcp",
      "version": "1.6.0",
      "ecosystem": "npm",
      "description": "MCP server for interacting with the iOS simulator",
      "github_url": "git+https://github.com/joshuayoes/ios-simulator-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@abhiz123/todoist-mcp-server",
      "version": "0.1.0",
      "ecosystem": "npm",
      "description": "MCP server for Todoist API integration",
      "github_url": "git+https://github.com/abhiz123/todoist-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@socialneuron/mcp-server",
      "version": "1.7.10",
      "ecosystem": "npm",
      "description": "MCP server for Social Neuron - AI content creation platform",
      "github_url": "git+https://github.com/socialneuron/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@cariot-labs/cariot-mcp-server",
      "version": "1.2.3",
      "ecosystem": "npm",
      "description": "MCP server for Cariot",
      "github_url": "git+https://github.com/CariotInc/cariot-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "recruitcrm-mcp-server",
      "version": "0.5.3",
      "ecosystem": "npm",
      "description": "Recruit CRM MCP Server",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@florentine-ai/mcp",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "Florentine.ai MCP server \u2013 query MongoDB & MySQL databases in natural language",
      "github_url": "git+https://github.com/florentine-ai/mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@trustpager/mcp-server",
      "version": "1.4.4",
      "ecosystem": "npm",
      "description": "MCP server for TrustPager \u2014 connect Claude to your CRM",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@pactosigna/mcp-server",
      "version": "0.1.111",
      "ecosystem": "npm",
      "description": "MCP server for PactoSigna QMS \u2014 connects Claude Desktop, Cursor, and other AI tools to your quality management system",
      "github_url": "git+https://github.com/PactoSigna/PactoSigna.Experience.GitWeb.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "gemini-mcp-tool",
      "version": "1.1.4",
      "ecosystem": "npm",
      "description": "MCP server for Gemini CLI integration",
      "github_url": "git+https://github.com/jamubc/gemini-mcp-tool.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-rwvc-j5jr-mgvh"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "ai": [
          {
            "id": "GHSA-rwvc-j5jr-mgvh",
            "severity": "LOW",
            "summary": "Vercel\u2019s AI SDK's filetype whitelists can be bypassed when uploading files"
          }
        ]
      }
    },
    {
      "name": "@sylphx/mcp-server-sdk",
      "version": "2.1.1",
      "ecosystem": "npm",
      "description": "Pure functional MCP server SDK for Node.js and Bun - type-safe, high performance",
      "github_url": "git+https://github.com/SylphxAI/mcp-server-sdk.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@withpica/mcp-server",
      "version": "2.47.0",
      "ecosystem": "npm",
      "description": "MCP Server for PICA Platform - enables AI assistants to interact with PICA",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@leonardsellem/n8n-mcp-server",
      "version": "0.1.8",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for n8n workflow automation",
      "github_url": "git+https://github.com/leonardsellem/n8n-mcp-server.git",
      "total_cves": 8,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ]
      }
    },
    {
      "name": "dataforseo-mcp-server",
      "version": "2.8.10",
      "ecosystem": "npm",
      "description": "A Model Context Protocol (MCP) server for the DataForSEO API, enabling modular and extensible integration of DataForSEO endpoints with support for both HTTP and SSE transports.",
      "github_url": "git+https://github.com/dataforseo/mcp-server-typescript.git",
      "total_cves": 8,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx",
          "GHSA-cvhv-6xm6-c3v4",
          "GHSA-w5cr-2qhr-jqc5"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-cvhv-6xm6-c3v4",
          "GHSA-r7x9-8ph7-w8cg",
          "GHSA-w5cr-2qhr-jqc5",
          "GHSA-36p8-mvp6-cv38"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "agents": [
          {
            "id": "GHSA-cvhv-6xm6-c3v4",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler"
          },
          {
            "id": "GHSA-r7x9-8ph7-w8cg",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing"
          },
          {
            "id": "GHSA-w5cr-2qhr-jqc5",
            "severity": "MEDIUM",
            "summary": "Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site"
          }
        ],
        "wrangler": [
          {
            "id": "GHSA-36p8-mvp6-cv38",
            "severity": "HIGH",
            "summary": "Wrangler affected by OS Command Injection in `wrangler pages deploy`"
          }
        ]
      }
    },
    {
      "name": "@opendata.cat/mcp-server",
      "version": "0.3.3",
      "ecosystem": "npm",
      "description": "MCP server for querying Catalan public open data \u2014 2,850+ datasets from 14 portals",
      "github_url": "git+https://github.com/xaviviro/Opendata.cat-MCP-Server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@hypertrack/mcp-server",
      "version": "0.1.55",
      "ecosystem": "npm",
      "description": "HyperTrack MCP Server - Query your HyperTrack account through AI assistants",
      "github_url": "git+https://github.com/hypertrack/feature-foundation.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@siemens/ix-mcp-angular",
      "version": "4.4.0-v.1.10.4",
      "ecosystem": "npm",
      "description": "iX MCP server for Angular",
      "github_url": "https://code.siemens.com/ux/sdl-mcp",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "outline-mcp-server",
      "version": "5.8.5",
      "ecosystem": "npm",
      "description": "An MCP server for interacting with Outline's API",
      "github_url": "git+https://github.com/mmmeff/outline-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "zubeid-youtube-mcp-server",
      "version": "1.0.0",
      "ecosystem": "npm",
      "description": "YouTube MCP Server Implementation",
      "github_url": "git+https://github.com/ZubeidHendricks/youtube-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@a-bonus/google-docs-mcp",
      "version": "1.9.0",
      "ecosystem": "npm",
      "description": "MCP server for Google Docs, Sheets, Drive, Gmail, and Calendar",
      "github_url": "",
      "total_cves": 1,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-38c4-r59v-3vqw"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "markdown-it": [
          {
            "id": "GHSA-38c4-r59v-3vqw",
            "severity": "MEDIUM",
            "summary": "markdown-it has a Regular Expression Denial of Service (ReDoS)"
          }
        ]
      }
    },
    {
      "name": "efficient-gitlab-mcp-server",
      "version": "2.27.0",
      "ecosystem": "npm",
      "description": "Production-ready GitLab MCP Server with progressive disclosure pattern",
      "github_url": "git+https://github.com/detailobsessed/efficient-gitlab-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "ollama-mcp-server",
      "version": "1.1.0",
      "ecosystem": "npm",
      "description": "Modern MCP server for Ollama \u2013 rebooted and actively maintained.",
      "github_url": "git+https://github.com/hyzhak/ollama-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "lsp-mcp-server",
      "version": "1.1.15",
      "ecosystem": "npm",
      "description": "MCP server bridging Claude Code to Language Server Protocol servers",
      "github_url": "git+https://github.com/ProfessioneIT/lsp-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@burtthecoder/mcp-virustotal",
      "version": "1.0.21",
      "ecosystem": "npm",
      "description": "MCP server for VirusTotal API integration",
      "github_url": "git+https://github.com/BurtTheCoder/mcp-virustotal.git",
      "total_cves": 1,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-m95q-7qp3-xv42"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "zod": [
          {
            "id": "GHSA-m95q-7qp3-xv42",
            "severity": "MEDIUM",
            "summary": "Zod denial of service vulnerability"
          }
        ]
      }
    },
    {
      "name": "@siemens/ix-mcp",
      "version": "4.4.0-v.1.10.4",
      "ecosystem": "npm",
      "description": "iX MCP server",
      "github_url": "https://code.siemens.com/ux/sdl-mcp",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@diviops/mcp-server",
      "version": "0.2.21",
      "ecosystem": "npm",
      "description": "MCP server exposing Divi 5 Visual Builder as tools for Claude",
      "github_url": "git+https://github.com/oaris-dev/diviops.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@inscada/mcp-server",
      "version": "1.7.1",
      "ecosystem": "npm",
      "description": "inSCADA MCP Server \u2014 SCADA operations via MCP protocol",
      "github_url": "git+https://github.com/inscada-app/ins-mcp-desktop-extension.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Tool Poisoning": [
          "GHSA-4r6h-8v6p-xvw6"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5pgg-2g8v-p4x9"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "xlsx": [
          {
            "id": "GHSA-4r6h-8v6p-xvw6",
            "severity": "HIGH",
            "summary": "Prototype Pollution in sheetJS"
          },
          {
            "id": "GHSA-5pgg-2g8v-p4x9",
            "severity": "HIGH",
            "summary": "SheetJS Regular Expression Denial of Service (ReDoS)"
          }
        ]
      }
    },
    {
      "name": "@ohah/react-native-mcp-server",
      "version": "0.1.0-rc.14",
      "ecosystem": "npm",
      "description": "MCP server for React Native app automation and monitoring",
      "github_url": "git+https://github.com/ohah/react-native-mcp.git",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-48c2-rrv3-qjmp",
          "GHSA-8gc5-j5rx-235r",
          "GHSA-fj3w-jwp8-x2g3",
          "GHSA-gh4j-gqv2-49f6",
          "GHSA-jp2q-39xq-3w4g",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Code Execution": [
          "GHSA-8gc5-j5rx-235r",
          "GHSA-jp2q-39xq-3w4g",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Prompt Injection": [
          "GHSA-gh4j-gqv2-49f6"
        ],
        "Tool Poisoning": [
          "GHSA-gh4j-gqv2-49f6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "yaml": [
          {
            "id": "GHSA-48c2-rrv3-qjmp",
            "severity": "MEDIUM",
            "summary": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections"
          }
        ],
        "fast-xml-parser": [
          {
            "id": "GHSA-8gc5-j5rx-235r",
            "severity": "HIGH",
            "summary": "fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)"
          },
          {
            "id": "GHSA-fj3w-jwp8-x2g3",
            "severity": "LOW",
            "summary": "fast-xml-parser has stack overflow in XMLBuilder with preserveOrder"
          },
          {
            "id": "GHSA-gh4j-gqv2-49f6",
            "severity": "MEDIUM",
            "summary": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters"
          },
          {
            "id": "GHSA-jp2q-39xq-3w4g",
            "severity": "MEDIUM",
            "summary": "Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "@codacy/codacy-mcp",
      "version": "0.6.21",
      "ecosystem": "npm",
      "description": "Codacy MCP server",
      "github_url": "https://www.codacy.com",
      "total_cves": 1,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          }
        ]
      }
    },
    {
      "name": "@doitintl/doit-mcp-server",
      "version": "0.12.0",
      "ecosystem": "npm",
      "description": "DoiT official MCP Server",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "supabase-mcp",
      "version": "1.5.0",
      "ecosystem": "npm",
      "description": "MCP server for Supabase CRUD operations",
      "github_url": "git+https://github.com/Cappahccino/SB-MCP.git",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ],
        "Code Execution": [
          "GHSA-rv95-896h-c2vc",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-rv95-896h-c2vc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-qwcr-r2fm-qrc7"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          },
          {
            "id": "GHSA-rv95-896h-c2vc",
            "severity": "MEDIUM",
            "summary": "Express.js Open Redirect in malformed URLs"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "body-parser": [
          {
            "id": "GHSA-qwcr-r2fm-qrc7",
            "severity": "HIGH",
            "summary": "body-parser vulnerable to denial of service when url encoding is enabled"
          }
        ]
      }
    },
    {
      "name": "@onozaty/redmine-mcp-server",
      "version": "1.2.0",
      "ecosystem": "npm",
      "description": "MCP server for Redmine",
      "github_url": "git+https://github.com/onozaty/redmine-mcp-server.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@ttpears/gitlab-mcp-server",
      "version": "1.15.0",
      "ecosystem": "npm",
      "description": "GitLab MCP Server with GraphQL discovery",
      "github_url": "git+https://github.com/ttpears/gitlab-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@unclick/mcp-server",
      "version": "0.3.40",
      "ecosystem": "npm",
      "description": "MCP server for the UnClick tool marketplace \u2014 lets AI agents discover and use every UnClick tool",
      "github_url": "git+https://github.com/malamutemayhem/unclick-agent-native-endpoints.git",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-gh4j-gqv2-49f6"
        ],
        "Prompt Injection": [
          "GHSA-gh4j-gqv2-49f6"
        ],
        "Tool Poisoning": [
          "GHSA-gh4j-gqv2-49f6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "fast-xml-parser": [
          {
            "id": "GHSA-gh4j-gqv2-49f6",
            "severity": "MEDIUM",
            "summary": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters"
          }
        ]
      }
    },
    {
      "name": "@geunoh/s3-mcp-server",
      "version": "1.3.1",
      "ecosystem": "npm",
      "description": "MCP Server for accessing S3 bucket",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@goke/mcp",
      "version": "0.0.10",
      "ecosystem": "npm",
      "description": "Dynamically generate CLI commands from MCP server tools",
      "github_url": "git+https://github.com/remorses/goke.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@siemens/ix-mcp-react",
      "version": "4.4.0-v.1.10.4",
      "ecosystem": "npm",
      "description": "iX MCP server for React",
      "github_url": "https://code.siemens.com/ux/sdl-mcp",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "uc-mcp-server",
      "version": "0.2.17",
      "ecosystem": "npm",
      "description": "MCP server for UnknownCheats forum \u2014 Cloudflare bypass, thread scraping, code extraction",
      "github_url": "git+https://github.com/amaralkaff/mcp-unknowncheat.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "freee-mcp",
      "version": "0.26.0",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for freee API integration",
      "github_url": "git+https://github.com/freee/freee-mcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "confluence-mcp-server",
      "version": "1.3.0",
      "ecosystem": "npm",
      "description": "Confluence MCP server for Cloud/Server/Data Center search/read/create/update",
      "github_url": "git+https://github.com/qihaze123/confluence-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@larryhudson/linear-mcp-server",
      "version": "0.1.4",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for Linear task management system",
      "github_url": "git+https://github.com/larryhudson/linear-mcp-server-again.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "enrichr-mcp-server",
      "version": "0.2.1",
      "ecosystem": "npm",
      "description": "MCP Server for Enrichr gene set enrichment analysis with multi-library support",
      "github_url": "git+https://github.com/tianqitang1/enrichr-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@mrsknetwork/ytmcp",
      "version": "1.0.10",
      "ecosystem": "npm",
      "description": "YouTube MCP Server",
      "github_url": "git+https://github.com/mrsknetwork/ytmcp.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "obsidian-mcp-server",
      "version": "3.1.1",
      "ecosystem": "npm",
      "description": "MCP server for Obsidian vaults \u2014 read, write, search, and surgically edit notes, tags, and frontmatter via the Local REST API plugin. STDIO or Streamable HTTP.",
      "github_url": "git+https://github.com/cyanheads/obsidian-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@henkey/postgres-mcp-server",
      "version": "1.0.5",
      "ecosystem": "npm",
      "description": "A Model Context Protocol (MCP) server that provides comprehensive PostgreSQL database management capabilities for AI assistants",
      "github_url": "git+https://github.com/HenkDz/postgresql-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@aibtc/mcp-server",
      "version": "1.50.1",
      "ecosystem": "npm",
      "description": "Bitcoin-native MCP server for AI agents: BTC/STX wallets, DeFi yield, sBTC peg, NFTs, and x402 payments.",
      "github_url": "git+https://github.com/aibtcdev/aibtc-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@kickflow/mcp-server",
      "version": "1.1.6",
      "ecosystem": "npm",
      "description": "MCP Server for kickflow API",
      "github_url": "git+https://github.com/kickflow/kickflow-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "tradingview-mcp-server",
      "version": "0.6.1",
      "ecosystem": "npm",
      "description": "Unofficial MCP server and CLI for TradingView stock screener API",
      "github_url": "git+https://github.com/fiale-plus/tradingview-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "youtube-data-mcp-server",
      "version": "1.0.16",
      "ecosystem": "npm",
      "description": "YouTube MCP Server Implementation",
      "github_url": "",
      "total_cves": 10,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-2phv-j68v-wwqx",
          "GHSA-379q-355j-w6rj",
          "GHSA-6pfh-p556-v868"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Supply Chain": [
          "GHSA-2phv-j68v-wwqx",
          "GHSA-379q-355j-w6rj",
          "GHSA-6pfh-p556-v868",
          "GHSA-6x96-7vc8-cm3p",
          "GHSA-7vhp-vf5g-r2fw",
          "GHSA-m733-5w8f-5ggw",
          "GHSA-v253-rj99-jwpq",
          "GHSA-xpqm-wm3m-f34h"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-2phv-j68v-wwqx",
          "GHSA-6pfh-p556-v868",
          "GHSA-6x96-7vc8-cm3p",
          "GHSA-v253-rj99-jwpq",
          "GHSA-xpqm-wm3m-f34h"
        ],
        "Credential Scope": [
          "GHSA-379q-355j-w6rj",
          "GHSA-m733-5w8f-5ggw"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "pnpm": [
          {
            "id": "GHSA-2phv-j68v-wwqx",
            "severity": "HIGH",
            "summary": "pnpm vulnerable to Command Injection via environment variable substitution"
          },
          {
            "id": "GHSA-379q-355j-w6rj",
            "severity": "HIGH",
            "summary": "pnpm v10+ Bypass \"Dependency lifecycle scripts execution disabled by default\""
          },
          {
            "id": "GHSA-6pfh-p556-v868",
            "severity": "MEDIUM",
            "summary": "pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip)"
          },
          {
            "id": "GHSA-6x96-7vc8-cm3p",
            "severity": "MEDIUM",
            "summary": "pnpm has Windows-specific tarball Path Traversal"
          },
          {
            "id": "GHSA-7vhp-vf5g-r2fw",
            "severity": "HIGH",
            "summary": "pnpm Has Lockfile Integrity Bypass that Allows Remote Dynamic Dependencies"
          },
          {
            "id": "GHSA-m733-5w8f-5ggw",
            "severity": "MEDIUM",
            "summary": "pnpm has symlink traversal in file:/git dependencies"
          },
          {
            "id": "GHSA-v253-rj99-jwpq",
            "severity": "MEDIUM",
            "summary": "pnpm has Path Traversal via arbitrary file permission modification"
          },
          {
            "id": "GHSA-xpqm-wm3m-f34h",
            "severity": "MEDIUM",
            "summary": "pnpm scoped bin name Path Traversal allows arbitrary file creation outside node_modules/.bin"
          }
        ]
      }
    },
    {
      "name": "@suthio/redash-mcp",
      "version": "0.0.13",
      "ecosystem": "npm",
      "description": "MCP server for Redash integration",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@chakra-ui/react-mcp",
      "version": "2.1.1",
      "ecosystem": "npm",
      "description": "The official MCP server for Chakra UI",
      "github_url": "git+https://github.com/chakra-ui/chakra-ui.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "localization-mcp-server",
      "version": "1.3.14",
      "ecosystem": "npm",
      "description": "MCP server for the localization system \u2014 controlled AI access to translations",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w",
          "GHSA-q89c-q3h5-w34g"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6",
          "GHSA-q89c-q3h5-w34g"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6",
          "GHSA-q89c-q3h5-w34g"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-q89c-q3h5-w34g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ],
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ],
        "i18next-http-backend": [
          {
            "id": "GHSA-q89c-q3h5-w34g",
            "severity": "MEDIUM",
            "summary": "i18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/ns"
          }
        ]
      }
    },
    {
      "name": "@auth0/auth0-mcp-server",
      "version": "0.1.0-beta.11",
      "ecosystem": "npm",
      "description": "Auth0 Model Context Protocol (MCP) Server (Beta) \u2014 A secure and extendable implementation of an MCP server that provides AI assistants with controlled access to the Auth0 Management API through natural language. This project is in beta and not intended fo",
      "github_url": "git+https://github.com/auth0/auth0-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-server-sqlite",
      "version": "0.0.2",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for SQLite database operations",
      "github_url": "git+https://github.com/madnh/mcp-server-sqlite.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "mcp-server-scf",
      "version": "1.0.12",
      "ecosystem": "npm",
      "description": "MCP server for the SCF Controls Platform \u2014 security compliance controls, frameworks, evidence, and risk management for AI agents",
      "github_url": "git+https://github.com/MarkAC007/mcp-server-scf.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@humancheck/mcp-server",
      "version": "0.14.1",
      "ecosystem": "npm",
      "description": "MCP Server for HumanCheck \u2014 integrate human validation into AI workflows",
      "github_url": "git+https://github.com/hellospacetech/humancheck.git",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "brilliant-directories-mcp",
      "version": "6.43.2",
      "ecosystem": "npm",
      "description": "Official MCP server for Brilliant Directories \u2014 manage members, posts, leads, reviews, and more.",
      "github_url": "git+https://github.com/brilliantdirectories/brilliant-directories-mcp.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "newsnow-mcp-server",
      "version": "0.0.11",
      "ecosystem": "npm",
      "description": "NewsNow MCP Server",
      "github_url": "git+https://github.com/ourongxing/newsnow-mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@aborruso/ckan-mcp-server",
      "version": "0.4.99",
      "ecosystem": "npm",
      "description": "MCP server for interacting with CKAN open data portals",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-4hjh-wcwx-xvwj",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Output Weaponization": [
          "GHSA-3p68-rc4w-qgx5",
          "GHSA-8hc4-vh64-cxmj",
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Tool Poisoning": [
          "GHSA-43fc-jf86-j433",
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Infrastructure & Runtime": [
          "GHSA-43fc-jf86-j433",
          "GHSA-4hjh-wcwx-xvwj"
        ],
        "Privilege Escalation": [
          "GHSA-fvcv-3m26-pcqx"
        ],
        "Credential Scope": [
          "GHSA-fvcv-3m26-pcqx",
          "GHSA-jr5f-v2jv-69x6"
        ],
        "Prompt Injection": [
          "GHSA-qw6h-vgh9-j6wx"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "axios": [
          {
            "id": "GHSA-3p68-rc4w-qgx5",
            "severity": "MEDIUM",
            "summary": "Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF"
          },
          {
            "id": "GHSA-43fc-jf86-j433",
            "severity": "HIGH",
            "summary": "Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig"
          },
          {
            "id": "GHSA-4hjh-wcwx-xvwj",
            "severity": "HIGH",
            "summary": "Axios is vulnerable to DoS attack through lack of data size check"
          },
          {
            "id": "GHSA-8hc4-vh64-cxmj",
            "severity": "HIGH",
            "summary": "Server-Side Request Forgery in axios"
          },
          {
            "id": "GHSA-fvcv-3m26-pcqx",
            "severity": "MEDIUM",
            "summary": "Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain"
          },
          {
            "id": "GHSA-jr5f-v2jv-69x6",
            "severity": "HIGH",
            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL"
          }
        ],
        "express": [
          {
            "id": "GHSA-qw6h-vgh9-j6wx",
            "severity": "LOW",
            "summary": "express vulnerable to XSS via response.redirect()"
          }
        ]
      }
    },
    {
      "name": "mcp-image",
      "version": "0.11.0",
      "ecosystem": "npm",
      "description": "MCP server for AI image generation",
      "github_url": "git+https://github.com/shinpr/mcp-image.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@agenttrust/mcp-server",
      "version": "1.2.1",
      "ecosystem": "npm",
      "description": "Free email for AI agents, instant messaging between agents, and cloud file storage \u2014 all through one MCP server",
      "github_url": "git+https://github.com/agenttrust/mcp-server.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "@primeng/mcp",
      "version": "21.1.6",
      "ecosystem": "npm",
      "description": "Model Context Protocol (MCP) server for PrimeNg component library",
      "github_url": "git+https://github.com/primefaces/primeng.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "mcp-codex-worker",
      "version": "1.0.34",
      "ecosystem": "npm",
      "description": "MCP server bridge for Codex app-server",
      "github_url": "git+https://github.com/yigitkonur/mcp-codex-worker.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-w48q-cv73-mx4w"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          },
          {
            "id": "GHSA-w48q-cv73-mx4w",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default"
          }
        ]
      }
    },
    {
      "name": "@assistant-ui/mcp-docs-server",
      "version": "0.1.30",
      "ecosystem": "npm",
      "description": "MCP server for assistant-ui documentation and examples",
      "github_url": "git+https://github.com/assistant-ui/assistant-ui.git",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "docusaurus-plugin-mcp-server",
      "version": "0.12.0",
      "ecosystem": "npm",
      "description": "A Docusaurus plugin that exposes an MCP server endpoint for AI agents to search and retrieve documentation",
      "github_url": "git+https://github.com/scalvert/docusaurus-plugin-mcp-server.git",
      "total_cves": 2,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ]
      }
    },
    {
      "name": "00-merlin-hu-mcpdemo-pipy",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "021-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "100-mcping",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 2,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-3rq5-2g8h-59hc"
        ],
        "Code Execution": [
          "GHSA-3rq5-2g8h-59hc"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "dnspython": [
          {
            "id": "GHSA-3rq5-2g8h-59hc",
            "severity": "MEDIUM",
            "summary": "Potential DoS via the Tudoor mechanism in eventlet and dnspython"
          }
        ]
      }
    },
    {
      "name": "12306-mcp",
      "version": "0.1.7",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 52,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "12306-search-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 49,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "171-py-mcp-demo",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "17-learnai-mcp-demo",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "1up-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "1wlf-tms-mcp",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "1xn-vmcp",
      "version": "0.6.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 192,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66",
          "GHSA-5rv5-6h4r-h22v",
          "PYSEC-2020-73",
          "GHSA-3c5c-7235-994j",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-3xv8-3j54-hgrp",
          "GHSA-43fq-w8qq-v88h",
          "GHSA-44wm-f244-xhp3",
          "GHSA-4fx9-vc88-q2xc",
          "GHSA-57h3-9rgr-c24m",
          "GHSA-5gm3-px64-rw72",
          "GHSA-7534-mm45-c74v",
          "GHSA-7r7m-5h27-29hp",
          "GHSA-8843-m7mw-mxqm",
          "GHSA-8ghj-p4vj-mr35",
          "GHSA-8vj2-vxx3-667w",
          "GHSA-8xjq-8fcg-g5hw",
          "GHSA-8xjv-v9xq-m5h9",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-cfmr-38g9-f2h7",
          "GHSA-cqhg-xjhh-p8hf",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-f5g8-5qq7-938w",
          "GHSA-g6rj-rv7j-xwp4",
          "GHSA-h5rf-vgqx-wjv2",
          "GHSA-hggx-3h72-49ww",
          "GHSA-hj69-c76v-86wr",
          "GHSA-hvr8-466p-75rh",
          "GHSA-j6f7-g425-4gmx",
          "GHSA-j7hp-h8jx-5ppr",
          "GHSA-j7mj-748x-7p78",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-m2vv-5vj5-2hm7",
          "GHSA-mvg9-xffr-p774",
          "GHSA-p49h-hjvm-jg3h",
          "GHSA-pw3c-h7wp-cvhx",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-r7rm-8j6h-r933",
          "GHSA-r854-96gq-rfg3",
          "GHSA-rwr3-c2q8-gm56",
          "GHSA-vcqg-3p29-xw73",
          "GHSA-vj42-xq3r-hr3r",
          "GHSA-vqcj-wrf2-7v73",
          "GHSA-x895-2wrm-hvp7",
          "GHSA-xrcv-f9gm-v42c",
          "PYSEC-2014-10",
          "PYSEC-2014-22",
          "PYSEC-2014-23",
          "PYSEC-2014-87",
          "PYSEC-2015-15",
          "PYSEC-2015-16",
          "PYSEC-2016-19",
          "PYSEC-2016-5",
          "PYSEC-2016-6",
          "PYSEC-2016-7",
          "PYSEC-2016-8",
          "PYSEC-2019-110",
          "PYSEC-2020-172",
          "PYSEC-2020-76",
          "PYSEC-2020-77",
          "PYSEC-2020-78",
          "PYSEC-2020-79",
          "PYSEC-2020-80",
          "PYSEC-2020-81",
          "PYSEC-2020-82",
          "PYSEC-2020-83",
          "PYSEC-2020-84",
          "PYSEC-2021-137",
          "PYSEC-2021-138",
          "PYSEC-2021-139",
          "PYSEC-2021-317",
          "PYSEC-2021-331",
          "PYSEC-2021-35",
          "PYSEC-2021-36",
          "PYSEC-2021-37",
          "PYSEC-2021-38",
          "PYSEC-2021-39",
          "PYSEC-2021-40",
          "PYSEC-2021-41",
          "PYSEC-2021-42",
          "PYSEC-2021-69",
          "PYSEC-2021-70",
          "PYSEC-2021-92",
          "PYSEC-2021-93",
          "PYSEC-2021-94",
          "PYSEC-2022-10",
          "PYSEC-2022-168",
          "PYSEC-2022-42979",
          "PYSEC-2022-8",
          "PYSEC-2022-9",
          "PYSEC-2023-175",
          "PYSEC-2023-227",
          "GHSA-6c5p-j8vq-pqhj",
          "GHSA-cjwg-qfpm-7377",
          "GHSA-w799-prg3-cx77",
          "PYSEC-2017-28",
          "PYSEC-2024-232",
          "PYSEC-2024-233",
          "GHSA-2jv5-9r88-3w3p",
          "GHSA-59g5-xgcq-4qw3",
          "GHSA-mj87-hwqh-73pj",
          "GHSA-38fc-9xqv-7f7q",
          "GHSA-887w-45rq-vxgf",
          "GHSA-hfg2-wf6j-x53p",
          "PYSEC-2012-9",
          "PYSEC-2019-123",
          "PYSEC-2019-124",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "PYSEC-2018-79",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "GHSA-2xpj-f5g2-8p7m",
          "PYSEC-2020-24",
          "PYSEC-2024-38",
          "GHSA-3f63-hfp8-52jq",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-5gm3-px64-rw72",
          "GHSA-8m9x-pxwq-j236",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-w4vg-rf63-f3j3",
          "PYSEC-2016-9",
          "GHSA-cjwg-qfpm-7377",
          "PYSEC-2024-233",
          "GHSA-2jv5-9r88-3w3p",
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j",
          "GHSA-9j59-75qj-795w",
          "GHSA-wp53-j4wj-2cfg",
          "GHSA-3936-cmfr-pm3m"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-cjwg-qfpm-7377",
          "PYSEC-2024-233",
          "GHSA-8ch4-58qp-g3mp",
          "PYSEC-2021-95"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP's late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "asyncpg": [
          {
            "id": "GHSA-2xpj-f5g2-8p7m",
            "severity": "CRITICAL",
            "summary": "Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer"
          },
          {
            "id": "PYSEC-2020-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "opentelemetry-instrumentation": [
          {
            "id": "GHSA-5rv5-6h4r-h22v",
            "severity": "HIGH",
            "summary": "opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metrics"
          }
        ],
        "pandas": [
          {
            "id": "PYSEC-2020-73",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pillow": [
          {
            "id": "GHSA-3c5c-7235-994j",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow in ImagingPcdDecode"
          },
          {
            "id": "GHSA-3f63-hfp8-52jq",
            "severity": "CRITICAL",
            "summary": "Arbitrary Code Execution in Pillow"
          },
          {
            "id": "GHSA-3wvg-mj6g-m9cv",
            "severity": "HIGH",
            "summary": "Pillow Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-3xv8-3j54-hgrp",
            "severity": "HIGH",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-43fq-w8qq-v88h",
            "severity": "CRITICAL",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-44wm-f244-xhp3",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow vulnerability"
          },
          {
            "id": "GHSA-4fx9-vc88-q2xc",
            "severity": "LOW",
            "summary": "Infinite loop in Pillow"
          },
          {
            "id": "GHSA-57h3-9rgr-c24m",
            "severity": "CRITICAL",
            "summary": "Out of bounds write in Pillow"
          },
          {
            "id": "GHSA-5gm3-px64-rw72",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-7534-mm45-c74v",
            "severity": "CRITICAL",
            "summary": "Buffer Overflow in Pillow"
          },
          {
            "id": "GHSA-7r7m-5h27-29hp",
            "severity": "HIGH",
            "summary": "Potential infinite loop in Pillow"
          },
          {
            "id": "GHSA-8843-m7mw-mxqm",
            "severity": "HIGH",
            "summary": "Buffer overflow in Pillow"
          },
          {
            "id": "GHSA-8ghj-p4vj-mr35",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service vulnerability"
          },
          {
            "id": "GHSA-8m9x-pxwq-j236",
            "severity": "CRITICAL",
            "summary": "Pillow command injection"
          },
          {
            "id": "GHSA-8vj2-vxx3-667w",
            "severity": "CRITICAL",
            "summary": "Arbitrary expression injection in Pillow"
          },
          {
            "id": "GHSA-8xjq-8fcg-g5hw",
            "severity": "HIGH",
            "summary": "Out-of-bounds Write in Pillow"
          },
          {
            "id": "GHSA-8xjv-v9xq-m5h9",
            "severity": "HIGH",
            "summary": "Pillow Buffer overflow in ImagingFliDecode"
          },
          {
            "id": "GHSA-95q3-8gr9-gm8w",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-9j59-75qj-795w",
            "severity": "HIGH",
            "summary": "Path traversal in Pillow"
          },
          {
            "id": "GHSA-cfmr-38g9-f2h7",
            "severity": "HIGH",
            "summary": "Pillow denial of service via Crafted Block Size"
          },
          {
            "id": "GHSA-cqhg-xjhh-p8hf",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-f4w8-cv6p-x6r5",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-f5g8-5qq7-938w",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Read"
          },
          {
            "id": "GHSA-g6rj-rv7j-xwp4",
            "severity": "HIGH",
            "summary": "Pillow denial of service"
          },
          {
            "id": "GHSA-h5rf-vgqx-wjv2",
            "severity": "HIGH",
            "summary": "Pillow denial of service via PNG bomb"
          },
          {
            "id": "GHSA-hggx-3h72-49ww",
            "severity": "MEDIUM",
            "summary": "Pillow Buffer overflow in ImagingLibTiffDecode"
          },
          {
            "id": "GHSA-hj69-c76v-86wr",
            "severity": "HIGH",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "GHSA-hvr8-466p-75rh",
            "severity": "CRITICAL",
            "summary": "Pillow Integer overflow in ImagingResampleHorizontal"
          },
          {
            "id": "GHSA-j6f7-g425-4gmx",
            "severity": "HIGH",
            "summary": "Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin"
          },
          {
            "id": "GHSA-j7hp-h8jx-5ppr",
            "severity": "HIGH",
            "summary": "libwebp: OOB write in BuildHuffmanTable"
          },
          {
            "id": "GHSA-j7mj-748x-7p78",
            "severity": "HIGH",
            "summary": "DOS attack in Pillow when processing specially crafted image files"
          },
          {
            "id": "GHSA-jgpv-4h4c-xhw3",
            "severity": "MEDIUM",
            "summary": "Uncontrolled Resource Consumption in pillow"
          },
          {
            "id": "GHSA-m2vv-5vj5-2hm7",
            "severity": "HIGH",
            "summary": "Pillow vulnerable to Data Amplification attack."
          },
          {
            "id": "GHSA-mvg9-xffr-p774",
            "severity": "HIGH",
            "summary": "Out of bounds read in Pillow"
          },
          {
            "id": "GHSA-p49h-hjvm-jg3h",
            "severity": "CRITICAL",
            "summary": "PCX P mode buffer overflow in Pillow"
          },
          {
            "id": "GHSA-pw3c-h7wp-cvhx",
            "severity": "MEDIUM",
            "summary": "Improper Initialization in Pillow"
          },
          {
            "id": "GHSA-q5hq-fp76-qmrc",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-r7rm-8j6h-r933",
            "severity": "CRITICAL",
            "summary": "Buffer Copy without Checking Size of Input in Pillow"
          },
          {
            "id": "GHSA-r854-96gq-rfg3",
            "severity": "MEDIUM",
            "summary": "Pillow Temporary file name leakage"
          },
          {
            "id": "GHSA-rwr3-c2q8-gm56",
            "severity": "MEDIUM",
            "summary": "Pillow Integer overflow in Map.c"
          },
          {
            "id": "GHSA-vcqg-3p29-xw73",
            "severity": "CRITICAL",
            "summary": "Integer overflow in Pillow"
          },
          {
            "id": "GHSA-vj42-xq3r-hr3r",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-vqcj-wrf2-7v73",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Write"
          },
          {
            "id": "GHSA-w4vg-rf63-f3j3",
            "severity": "HIGH",
            "summary": "Arbitrary code using \"crafted image file\" approach affecting Pillow"
          },
          {
            "id": "GHSA-x895-2wrm-hvp7",
            "severity": "HIGH",
            "summary": "PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles"
          },
          {
            "id": "GHSA-xrcv-f9gm-v42c",
            "severity": "MEDIUM",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "PYSEC-2014-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-22",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-23",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-87",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-15",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-16",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-5",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-6",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-7",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-172",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-77",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-78",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-80",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-81",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-83",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-84",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-317",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-331",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-35",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-36",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-37",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-38",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-39",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-40",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-41",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-42",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-69",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-70",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-93",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-94",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-168",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-42979",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-175",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-227",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-jose": [
          {
            "id": "GHSA-6c5p-j8vq-pqhj",
            "severity": "CRITICAL",
            "summary": "python-jose algorithm confusion with OpenSSH ECDSA keys"
          },
          {
            "id": "GHSA-cjwg-qfpm-7377",
            "severity": "MEDIUM",
            "summary": "python-jose denial of service via compressed JWE content"
          },
          {
            "id": "GHSA-w799-prg3-cx77",
            "severity": "CRITICAL",
            "summary": "python-jose failure to use a constant time comparison for HMAC keys"
          },
          {
            "id": "PYSEC-2017-28",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-232",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-233",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-multipart": [
          {
            "id": "GHSA-2jv5-9r88-3w3p",
            "severity": "HIGH",
            "summary": "python-multipart vulnerable to Content-Type Header ReDoS"
          },
          {
            "id": "GHSA-59g5-xgcq-4qw3",
            "severity": "HIGH",
            "summary": "Denial of service (DoS) via deformation `multipart/form-data` boundary"
          },
          {
            "id": "GHSA-mj87-hwqh-73pj",
            "severity": "MEDIUM",
            "summary": "python-multipart affected by Denial of Service via large multipart preamble or epilogue data"
          },
          {
            "id": "GHSA-wp53-j4wj-2cfg",
            "severity": "HIGH",
            "summary": "Python-Multipart has Arbitrary File Write via Non-Default Configuration"
          }
        ],
        "sqlalchemy": [
          {
            "id": "GHSA-38fc-9xqv-7f7q",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy is vulnerable to SQL Injection via group_by parameter "
          },
          {
            "id": "GHSA-887w-45rq-vxgf",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL Injection via order_by parameter"
          },
          {
            "id": "GHSA-hfg2-wf6j-x53p",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL injection"
          },
          {
            "id": "PYSEC-2012-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-123",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-124",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "websockets": [
          {
            "id": "GHSA-8ch4-58qp-g3mp",
            "severity": "HIGH",
            "summary": "Observable Timing Discrepancy in aaugustin websockets library"
          },
          {
            "id": "PYSEC-2018-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-95",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "5g-ddos-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 296,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-mf9w-mj56-hr94",
          "PYSEC-2020-73",
          "GHSA-5545-2q6w-2gh6",
          "GHSA-f7c7-j99h-c22f",
          "GHSA-fpfv-jqm9-f5jm",
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1",
          "PYSEC-2018-33",
          "PYSEC-2018-34",
          "PYSEC-2021-856",
          "PYSEC-2021-857",
          "GHSA-chqf-hx79-gxc6",
          "PYSEC-2017-48",
          "PYSEC-2020-107",
          "PYSEC-2020-108",
          "GHSA-2g6r-c272-w58r",
          "GHSA-q84m-rmw3-4382",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-45pg-36p6-83v9",
          "GHSA-7q94-qpjr-xpgm",
          "PYSEC-2023-110",
          "PYSEC-2024-115",
          "PYSEC-2024-118"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "GHSA-9fq2-x9r6-wfmf",
          "PYSEC-2019-108",
          "GHSA-2g6r-c272-w58r",
          "GHSA-6qv9-48xg-fc7f",
          "GHSA-c67j-w6g6-q2cm",
          "GHSA-h59x-p739-982c",
          "GHSA-qh6h-p6c9-ff54",
          "PYSEC-2024-45",
          "GHSA-2qmj-7962-cjq8",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-57fc-8q82-gfp3",
          "GHSA-6643-h7h5-x9wh",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-7gfq-f96f-g85j",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-92j5-3459-qgp4",
          "GHSA-f73w-4m7g-ch9x",
          "GHSA-fj32-q626-pjjc",
          "GHSA-fprp-p869-w6q2",
          "GHSA-gwqq-6vq7-5j86",
          "GHSA-prgp-w7vf-ch62",
          "GHSA-rgp8-pm28-3759",
          "GHSA-x32c-59v5-h7fg",
          "PYSEC-2023-109",
          "PYSEC-2023-138",
          "PYSEC-2023-145",
          "PYSEC-2023-146",
          "PYSEC-2023-147",
          "PYSEC-2023-151",
          "PYSEC-2023-162",
          "PYSEC-2023-18",
          "PYSEC-2023-91",
          "PYSEC-2023-92",
          "PYSEC-2023-98",
          "PYSEC-2024-118",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844",
          "GHSA-r7w7-9xr2-qq2r"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1",
          "GHSA-c67j-w6g6-q2cm",
          "GHSA-45pg-36p6-83v9",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-fprp-p869-w6q2",
          "PYSEC-2023-18",
          "PYSEC-2024-115"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j",
          "GHSA-2fc2-6r4j-p65h",
          "GHSA-cw6w-4rcx-xphc",
          "GHSA-h59x-p739-982c",
          "GHSA-qh6h-p6c9-ff54",
          "PYSEC-2024-45",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2024-43"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-jw8x-6495-233v",
          "PYSEC-2024-110",
          "GHSA-h59x-p739-982c",
          "GHSA-qh6h-p6c9-ff54",
          "PYSEC-2024-45",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247",
          "GHSA-2g6r-c272-w58r",
          "GHSA-45pg-36p6-83v9",
          "GHSA-655w-fm8m-m478",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-h9j7-5xvc-qhg5",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2023-205",
          "PYSEC-2024-115",
          "GHSA-r7w7-9xr2-qq2r"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-6qv9-48xg-fc7f",
          "GHSA-g48c-2wqr-h844"
        ],
        "Tool Poisoning": [
          "GHSA-9fq2-x9r6-wfmf",
          "GHSA-jjw5-xxj6-pcv5",
          "GHSA-6qv9-48xg-fc7f",
          "GHSA-926x-3r5x-gfhw",
          "GHSA-c67j-w6g6-q2cm",
          "GHSA-g48c-2wqr-h844"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static \ufb01le path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to  denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": " AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "pandas": [
          {
            "id": "PYSEC-2020-73",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "numpy": [
          {
            "id": "GHSA-2fc2-6r4j-p65h",
            "severity": "HIGH",
            "summary": "Numpy arbitrary file write via symlink attack"
          },
          {
            "id": "GHSA-5545-2q6w-2gh6",
            "severity": "HIGH",
            "summary": "NumPy NULL Pointer Dereference"
          },
          {
            "id": "GHSA-9fq2-x9r6-wfmf",
            "severity": "CRITICAL",
            "summary": "Numpy Deserialization of Untrusted Data"
          },
          {
            "id": "GHSA-cw6w-4rcx-xphc",
            "severity": "HIGH",
            "summary": "Arbitrary file write in NumPy"
          },
          {
            "id": "GHSA-f7c7-j99h-c22f",
            "severity": "MEDIUM",
            "summary": "Buffer Copy without Checking Size of Input in NumPy"
          },
          {
            "id": "GHSA-fpfv-jqm9-f5jm",
            "severity": "MEDIUM",
            "summary": "Incorrect Comparison in NumPy"
          },
          {
            "id": "GHSA-frgw-fgh6-9g52",
            "severity": "HIGH",
            "summary": "Numpy missing input validation"
          },
          {
            "id": "PYSEC-2017-1",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-33",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-34",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-108",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-856",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-857",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "openpyxl": [
          {
            "id": "GHSA-chqf-hx79-gxc6",
            "severity": "MEDIUM",
            "summary": "Improper Restriction of XML External Entity Reference in Openpyxl"
          },
          {
            "id": "PYSEC-2017-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "scikit-learn": [
          {
            "id": "GHSA-jjw5-xxj6-pcv5",
            "severity": "CRITICAL",
            "summary": "scikit-learn Deserialization of Untrusted Data"
          },
          {
            "id": "GHSA-jw8x-6495-233v",
            "severity": "MEDIUM",
            "summary": "scikit-learn sensitive data leakage vulnerability"
          },
          {
            "id": "PYSEC-2020-107",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-108",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-110",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langchain-core": [
          {
            "id": "GHSA-2g6r-c272-w58r",
            "severity": "LOW",
            "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages"
          },
          {
            "id": "GHSA-6qv9-48xg-fc7f",
            "severity": "HIGH",
            "summary": "LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates"
          },
          {
            "id": "GHSA-926x-3r5x-gfhw",
            "severity": "MEDIUM",
            "summary": "LangChain has incomplete f-string validation in prompt templates"
          },
          {
            "id": "GHSA-c67j-w6g6-q2cm",
            "severity": "CRITICAL",
            "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-q84m-rmw3-4382",
            "severity": "MEDIUM",
            "summary": "LangChain's XMLOutputParser vulnerable to XML Entity Expansion"
          },
          {
            "id": "GHSA-qh6h-p6c9-ff54",
            "severity": "HIGH",
            "summary": "LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions"
          },
          {
            "id": "PYSEC-2024-45",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2g6r-c272-w58r",
            "severity": "LOW",
            "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages"
          },
          {
            "id": "GHSA-6qv9-48xg-fc7f",
            "severity": "HIGH",
            "summary": "LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates"
          },
          {
            "id": "GHSA-926x-3r5x-gfhw",
            "severity": "MEDIUM",
            "summary": "LangChain has incomplete f-string validation in prompt templates"
          },
          {
            "id": "GHSA-c67j-w6g6-q2cm",
            "severity": "CRITICAL",
            "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-q84m-rmw3-4382",
            "severity": "MEDIUM",
            "summary": "LangChain's XMLOutputParser vulnerable to XML Entity Expansion"
          },
          {
            "id": "GHSA-qh6h-p6c9-ff54",
            "severity": "HIGH",
            "summary": "LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions"
          },
          {
            "id": "PYSEC-2024-45",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2g6r-c272-w58r",
            "severity": "LOW",
            "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages"
          },
          {
            "id": "GHSA-6qv9-48xg-fc7f",
            "severity": "HIGH",
            "summary": "LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates"
          },
          {
            "id": "GHSA-926x-3r5x-gfhw",
            "severity": "MEDIUM",
            "summary": "LangChain has incomplete f-string validation in prompt templates"
          },
          {
            "id": "GHSA-c67j-w6g6-q2cm",
            "severity": "CRITICAL",
            "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-q84m-rmw3-4382",
            "severity": "MEDIUM",
            "summary": "LangChain's XMLOutputParser vulnerable to XML Entity Expansion"
          },
          {
            "id": "GHSA-qh6h-p6c9-ff54",
            "severity": "HIGH",
            "summary": "LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions"
          },
          {
            "id": "PYSEC-2024-45",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2g6r-c272-w58r",
            "severity": "LOW",
            "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages"
          },
          {
            "id": "GHSA-6qv9-48xg-fc7f",
            "severity": "HIGH",
            "summary": "LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates"
          },
          {
            "id": "GHSA-926x-3r5x-gfhw",
            "severity": "MEDIUM",
            "summary": "LangChain has incomplete f-string validation in prompt templates"
          },
          {
            "id": "GHSA-c67j-w6g6-q2cm",
            "severity": "CRITICAL",
            "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-q84m-rmw3-4382",
            "severity": "MEDIUM",
            "summary": "LangChain's XMLOutputParser vulnerable to XML Entity Expansion"
          },
          {
            "id": "GHSA-qh6h-p6c9-ff54",
            "severity": "HIGH",
            "summary": "LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions"
          },
          {
            "id": "PYSEC-2024-45",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2g6r-c272-w58r",
            "severity": "LOW",
            "summary": "LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages"
          },
          {
            "id": "GHSA-6qv9-48xg-fc7f",
            "severity": "HIGH",
            "summary": "LangChain Vulnerable to Template Injection via Attribute Access in Prompt Templates"
          },
          {
            "id": "GHSA-926x-3r5x-gfhw",
            "severity": "MEDIUM",
            "summary": "LangChain has incomplete f-string validation in prompt templates"
          },
          {
            "id": "GHSA-c67j-w6g6-q2cm",
            "severity": "CRITICAL",
            "summary": "LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-q84m-rmw3-4382",
            "severity": "MEDIUM",
            "summary": "LangChain's XMLOutputParser vulnerable to XML Entity Expansion"
          },
          {
            "id": "GHSA-qh6h-p6c9-ff54",
            "severity": "HIGH",
            "summary": "LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions"
          },
          {
            "id": "PYSEC-2024-45",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langchain": [
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langgraph": [
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          },
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          },
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          },
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          },
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          }
        ],
        "langchain-openai": [
          {
            "id": "GHSA-r7w7-9xr2-qq2r",
            "severity": "LOW",
            "summary": "langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding"
          }
        ]
      }
    },
    {
      "name": "8000-cherry-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "a11y-expert-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "a11y-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 21,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2a4b2b-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 16,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2a-agent-mcpserver-generator",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "a2a-governance-bridge-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "a2a-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 34,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62",
          "GHSA-562c-5r94-xh97",
          "GHSA-5wv5-4vpf-pj6m",
          "GHSA-68rp-wp8r-4726",
          "GHSA-m2qf-hxjv-5gpq",
          "PYSEC-2018-66",
          "PYSEC-2019-179",
          "PYSEC-2023-62",
          "GHSA-32pc-xphx-q4f6",
          "GHSA-hc5x-x2vx-497g",
          "GHSA-w3h3-4rj7-4ph4",
          "PYSEC-2018-55",
          "GHSA-9q2p-fj49-vpxj",
          "PYSEC-2018-67"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-752w-5fwx-jx9f",
          "GHSA-r9jw-mwhq-wp62",
          "PYSEC-2017-24"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43",
          "GHSA-752w-5fwx-jx9f"
        ],
        "Prompt Injection": [
          "GHSA-q3cj-2r34-2cwc",
          "GHSA-562c-5r94-xh97",
          "PYSEC-2018-66",
          "GHSA-hc5x-x2vx-497g"
        ],
        "Output Weaponization": [
          "GHSA-hc5x-x2vx-497g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "flask": [
          {
            "id": "GHSA-562c-5r94-xh97",
            "severity": "HIGH",
            "summary": "Flask is vulnerable to Denial of Service via incorrect encoding of JSON data"
          },
          {
            "id": "GHSA-5wv5-4vpf-pj6m",
            "severity": "HIGH",
            "summary": "Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage"
          },
          {
            "id": "GHSA-68rp-wp8r-4726",
            "severity": "LOW",
            "summary": "Flask session does not add `Vary: Cookie` header when accessed in some ways"
          },
          {
            "id": "GHSA-m2qf-hxjv-5gpq",
            "severity": "HIGH",
            "summary": "Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header"
          },
          {
            "id": "PYSEC-2018-66",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-179",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "gunicorn": [
          {
            "id": "GHSA-32pc-xphx-q4f6",
            "severity": "HIGH",
            "summary": "Gunicorn contains Improper Neutralization of CRLF sequences in HTTP headers"
          },
          {
            "id": "GHSA-hc5x-x2vx-497g",
            "severity": "HIGH",
            "summary": "Gunicorn HTTP Request/Response Smuggling vulnerability"
          },
          {
            "id": "GHSA-w3h3-4rj7-4ph4",
            "severity": "HIGH",
            "summary": "Request smuggling leading to endpoint restriction bypass in Gunicorn"
          },
          {
            "id": "PYSEC-2018-55",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "marshmallow": [
          {
            "id": "GHSA-9q2p-fj49-vpxj",
            "severity": "MEDIUM",
            "summary": "In marshmallow library the schema \"only\" option treats an empty list as implying no \"only\" option"
          },
          {
            "id": "PYSEC-2018-67",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyjwt": [
          {
            "id": "GHSA-752w-5fwx-jx9f",
            "severity": "HIGH",
            "summary": "PyJWT accepts unknown `crit` header extensions"
          },
          {
            "id": "GHSA-r9jw-mwhq-wp62",
            "severity": "HIGH",
            "summary": "PyJWT vulnerable to key confusion attacks"
          },
          {
            "id": "PYSEC-2017-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2amcp-sdk",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          },
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2a-mcp-server",
      "version": "0.1.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 32,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-cw2r-4p82-qv79",
          "GHSA-fjrm-76x2-c4q4",
          "GHSA-j857-7rvv-vj97",
          "GHSA-wg33-x934-3ghh",
          "PYSEC-2016-4",
          "PYSEC-2024-104"
        ],
        "Code Execution": [
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-752w-5fwx-jx9f",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "PYSEC-2024-104"
        ],
        "Credential Scope": [
          "GHSA-752w-5fwx-jx9f",
          "GHSA-r9jw-mwhq-wp62",
          "PYSEC-2017-24",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767",
          "GHSA-gwp4-mcv4-w95j",
          "GHSA-j857-7rvv-vj97",
          "PYSEC-2024-104"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyjwt": [
          {
            "id": "GHSA-752w-5fwx-jx9f",
            "severity": "HIGH",
            "summary": "PyJWT accepts unknown `crit` header extensions"
          },
          {
            "id": "GHSA-r9jw-mwhq-wp62",
            "severity": "HIGH",
            "summary": "PyJWT vulnerable to key confusion attacks"
          },
          {
            "id": "PYSEC-2017-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "jwcrypto": [
          {
            "id": "GHSA-cw2r-4p82-qv79",
            "severity": "MEDIUM",
            "summary": "DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value"
          },
          {
            "id": "GHSA-fjrm-76x2-c4q4",
            "severity": "MEDIUM",
            "summary": "JWCrypto: JWE ZIP decompression bomb"
          },
          {
            "id": "GHSA-gwp4-mcv4-w95j",
            "severity": "MEDIUM",
            "summary": "jwcrypto token substitution can lead to authentication bypass"
          },
          {
            "id": "GHSA-j857-7rvv-vj97",
            "severity": "MEDIUM",
            "summary": "JWCrypto vulnerable to JWT bomb Attack in `deserialize` function"
          },
          {
            "id": "GHSA-wg33-x934-3ghh",
            "severity": "MEDIUM",
            "summary": "jwcrypto lacks the Random Filling protection mechanism"
          },
          {
            "id": "PYSEC-2016-4",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-104",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2anet-mcp",
      "version": "2.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "a2a-protocol-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "a2c-smcp",
      "version": "0.1.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 43,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aaaa-mcpserver4567",
      "version": "0.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "aaaamcpuser",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aaaamcpuser1",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aaman-qjh-echarts-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aaman-qjh-mindmap-mcp",
      "version": "0.1.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aapt-mcp-server",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "aaron-add-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "aaron-sql-mcp-for-intern",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "aas-mcp",
      "version": "0.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "abacum-mcp-server",
      "version": "0.1.7",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 11,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "PYSEC-2020-73",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pandas": [
          {
            "id": "PYSEC-2020-73",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "abbe-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "abi-to-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 21,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ableton-live-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ableton-live-mcp-server",
      "version": "0.2.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 15,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp",
      "version": "1.0.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp-extended",
      "version": "2.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp-fastmcp",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp-lofifren",
      "version": "1.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "ableton-mcp-u",
      "version": "1.0.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "abraflexi-mcp-server",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Infrastructure & Runtime": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "abrasio-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "abroad-mcp-server-qiangyang",
      "version": "1.0.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "abuseipdb_mcp",
      "version": "0.0.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "academia-mcp",
      "version": "1.13.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 199,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66",
          "GHSA-3c5c-7235-994j",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-3xv8-3j54-hgrp",
          "GHSA-43fq-w8qq-v88h",
          "GHSA-44wm-f244-xhp3",
          "GHSA-4fx9-vc88-q2xc",
          "GHSA-57h3-9rgr-c24m",
          "GHSA-5gm3-px64-rw72",
          "GHSA-7534-mm45-c74v",
          "GHSA-7r7m-5h27-29hp",
          "GHSA-8843-m7mw-mxqm",
          "GHSA-8ghj-p4vj-mr35",
          "GHSA-8vj2-vxx3-667w",
          "GHSA-8xjq-8fcg-g5hw",
          "GHSA-8xjv-v9xq-m5h9",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-cfmr-38g9-f2h7",
          "GHSA-cqhg-xjhh-p8hf",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-f5g8-5qq7-938w",
          "GHSA-g6rj-rv7j-xwp4",
          "GHSA-h5rf-vgqx-wjv2",
          "GHSA-hggx-3h72-49ww",
          "GHSA-hj69-c76v-86wr",
          "GHSA-hvr8-466p-75rh",
          "GHSA-j6f7-g425-4gmx",
          "GHSA-j7hp-h8jx-5ppr",
          "GHSA-j7mj-748x-7p78",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-m2vv-5vj5-2hm7",
          "GHSA-mvg9-xffr-p774",
          "GHSA-p49h-hjvm-jg3h",
          "GHSA-pw3c-h7wp-cvhx",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-r7rm-8j6h-r933",
          "GHSA-r854-96gq-rfg3",
          "GHSA-rwr3-c2q8-gm56",
          "GHSA-vcqg-3p29-xw73",
          "GHSA-vj42-xq3r-hr3r",
          "GHSA-vqcj-wrf2-7v73",
          "GHSA-x895-2wrm-hvp7",
          "GHSA-xrcv-f9gm-v42c",
          "PYSEC-2014-10",
          "PYSEC-2014-22",
          "PYSEC-2014-23",
          "PYSEC-2014-87",
          "PYSEC-2015-15",
          "PYSEC-2015-16",
          "PYSEC-2016-19",
          "PYSEC-2016-5",
          "PYSEC-2016-6",
          "PYSEC-2016-7",
          "PYSEC-2016-8",
          "PYSEC-2019-110",
          "PYSEC-2020-172",
          "PYSEC-2020-76",
          "PYSEC-2020-77",
          "PYSEC-2020-78",
          "PYSEC-2020-79",
          "PYSEC-2020-80",
          "PYSEC-2020-81",
          "PYSEC-2020-82",
          "PYSEC-2020-83",
          "PYSEC-2020-84",
          "PYSEC-2021-137",
          "PYSEC-2021-138",
          "PYSEC-2021-139",
          "PYSEC-2021-317",
          "PYSEC-2021-331",
          "PYSEC-2021-35",
          "PYSEC-2021-36",
          "PYSEC-2021-37",
          "PYSEC-2021-38",
          "PYSEC-2021-39",
          "PYSEC-2021-40",
          "PYSEC-2021-41",
          "PYSEC-2021-42",
          "PYSEC-2021-69",
          "PYSEC-2021-70",
          "PYSEC-2021-92",
          "PYSEC-2021-93",
          "PYSEC-2021-94",
          "PYSEC-2022-10",
          "PYSEC-2022-168",
          "PYSEC-2022-42979",
          "PYSEC-2022-8",
          "PYSEC-2022-9",
          "PYSEC-2023-175",
          "PYSEC-2023-227",
          "GHSA-2q4j-m29v-hq73",
          "GHSA-2rw7-x74f-jg35",
          "GHSA-3crg-w4f6-42mx",
          "GHSA-4pxv-j86v-mhcw",
          "GHSA-7gw9-cf7v-778f",
          "GHSA-7hfw-26vp-jp8m",
          "GHSA-87mj-5ggw-8qc3",
          "GHSA-996q-pr4m-cvgq",
          "GHSA-9m86-7pmv-2852",
          "GHSA-9mvc-8737-8j8h",
          "GHSA-f2v5-7jq9-h8cg",
          "GHSA-hqmh-ppp3-xvm7",
          "GHSA-jfx9-29x2-rv3j",
          "GHSA-jj6c-8h6c-hppx",
          "GHSA-m449-cwjh-6pw7",
          "GHSA-qpxp-75px-xjcp",
          "GHSA-vr63-x8vc-m265",
          "GHSA-wgvp-vg3v-2xq3",
          "GHSA-x284-j5p8-9c5p",
          "GHSA-x7hp-r3qg-r3cj",
          "GHSA-7mpr-5m44-h73r",
          "GHSA-275c-w5mq-v5m2",
          "GHSA-2hvc-hwg3-hpvw",
          "GHSA-2wcj-qr76-9768",
          "GHSA-4rrv-8gcp-24v8",
          "GHSA-547m-23x7-cxg5",
          "GHSA-8fp7-jwv2-49x9",
          "GHSA-8wfh-qxxv-3q8c",
          "GHSA-c6ph-m8cw-rfqh",
          "GHSA-cv2j-922j-hr56",
          "GHSA-g57v-2687-jx33",
          "GHSA-hh7p-hvm3-rg88",
          "GHSA-jm68-fpmr-8j2g",
          "GHSA-mr78-v55p-7777",
          "GHSA-qppw-c37g-xwcc",
          "GHSA-rg9q-m8hv-xxr6",
          "GHSA-rr46-m366-gm44",
          "GHSA-rx2r-q96c-w5cc",
          "GHSA-v9pg-qw6x-w5r2",
          "GHSA-x3q9-c788-j7c8",
          "GHSA-xjpw-hx47-rccv",
          "PYSEC-2023-122",
          "PYSEC-2023-123",
          "PYSEC-2023-124",
          "PYSEC-2023-125",
          "PYSEC-2024-129",
          "PYSEC-2024-130",
          "PYSEC-2024-131",
          "PYSEC-2024-132",
          "PYSEC-2024-133",
          "PYSEC-2024-134",
          "PYSEC-2024-135",
          "PYSEC-2024-136",
          "PYSEC-2024-137",
          "PYSEC-2024-138",
          "PYSEC-2024-139",
          "PYSEC-2024-140",
          "PYSEC-2024-141",
          "PYSEC-2024-144",
          "PYSEC-2024-145"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3f63-hfp8-52jq",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-5gm3-px64-rw72",
          "GHSA-8m9x-pxwq-j236",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-w4vg-rf63-f3j3",
          "PYSEC-2016-9",
          "GHSA-4f6g-68pf-7vhv",
          "GHSA-4xc4-762w-m6cg",
          "GHSA-3cr5-2446-8pg3",
          "GHSA-83g7-8fch-p37m",
          "GHSA-9q9v-qgwx-84mr",
          "GHSA-chj7-w3f6-cvfj",
          "GHSA-fh54-3vhg-mpc2",
          "GHSA-gcjf-29m9-888q",
          "GHSA-j5h9-9r39-43q5",
          "GHSA-mrmm-qmrj-xgp6",
          "GHSA-qqv2-35q8-p2g2",
          "GHSA-rf7p-79xq-8xwm",
          "PYSEC-2022-43063",
          "PYSEC-2023-126",
          "PYSEC-2024-142",
          "PYSEC-2024-143",
          "PYSEC-2024-146"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ],
        "Prompt Injection": [
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-9j59-75qj-795w",
          "GHSA-2rp8-hff9-c5wr",
          "GHSA-jwrc-3v3f-5cq5"
        ],
        "Output Weaponization": [
          "GHSA-8fp7-jwv2-49x9",
          "GHSA-hh7p-hvm3-rg88",
          "PYSEC-2023-124",
          "PYSEC-2024-141"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pillow": [
          {
            "id": "GHSA-3c5c-7235-994j",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow in ImagingPcdDecode"
          },
          {
            "id": "GHSA-3f63-hfp8-52jq",
            "severity": "CRITICAL",
            "summary": "Arbitrary Code Execution in Pillow"
          },
          {
            "id": "GHSA-3wvg-mj6g-m9cv",
            "severity": "HIGH",
            "summary": "Pillow Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-3xv8-3j54-hgrp",
            "severity": "HIGH",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-43fq-w8qq-v88h",
            "severity": "CRITICAL",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-44wm-f244-xhp3",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow vulnerability"
          },
          {
            "id": "GHSA-4fx9-vc88-q2xc",
            "severity": "LOW",
            "summary": "Infinite loop in Pillow"
          },
          {
            "id": "GHSA-57h3-9rgr-c24m",
            "severity": "CRITICAL",
            "summary": "Out of bounds write in Pillow"
          },
          {
            "id": "GHSA-5gm3-px64-rw72",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-7534-mm45-c74v",
            "severity": "CRITICAL",
            "summary": "Buffer Overflow in Pillow"
          },
          {
            "id": "GHSA-7r7m-5h27-29hp",
            "severity": "HIGH",
            "summary": "Potential infinite loop in Pillow"
          },
          {
            "id": "GHSA-8843-m7mw-mxqm",
            "severity": "HIGH",
            "summary": "Buffer overflow in Pillow"
          },
          {
            "id": "GHSA-8ghj-p4vj-mr35",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service vulnerability"
          },
          {
            "id": "GHSA-8m9x-pxwq-j236",
            "severity": "CRITICAL",
            "summary": "Pillow command injection"
          },
          {
            "id": "GHSA-8vj2-vxx3-667w",
            "severity": "CRITICAL",
            "summary": "Arbitrary expression injection in Pillow"
          },
          {
            "id": "GHSA-8xjq-8fcg-g5hw",
            "severity": "HIGH",
            "summary": "Out-of-bounds Write in Pillow"
          },
          {
            "id": "GHSA-8xjv-v9xq-m5h9",
            "severity": "HIGH",
            "summary": "Pillow Buffer overflow in ImagingFliDecode"
          },
          {
            "id": "GHSA-95q3-8gr9-gm8w",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-9j59-75qj-795w",
            "severity": "HIGH",
            "summary": "Path traversal in Pillow"
          },
          {
            "id": "GHSA-cfmr-38g9-f2h7",
            "severity": "HIGH",
            "summary": "Pillow denial of service via Crafted Block Size"
          },
          {
            "id": "GHSA-cqhg-xjhh-p8hf",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-f4w8-cv6p-x6r5",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-f5g8-5qq7-938w",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Read"
          },
          {
            "id": "GHSA-g6rj-rv7j-xwp4",
            "severity": "HIGH",
            "summary": "Pillow denial of service"
          },
          {
            "id": "GHSA-h5rf-vgqx-wjv2",
            "severity": "HIGH",
            "summary": "Pillow denial of service via PNG bomb"
          },
          {
            "id": "GHSA-hggx-3h72-49ww",
            "severity": "MEDIUM",
            "summary": "Pillow Buffer overflow in ImagingLibTiffDecode"
          },
          {
            "id": "GHSA-hj69-c76v-86wr",
            "severity": "HIGH",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "GHSA-hvr8-466p-75rh",
            "severity": "CRITICAL",
            "summary": "Pillow Integer overflow in ImagingResampleHorizontal"
          },
          {
            "id": "GHSA-j6f7-g425-4gmx",
            "severity": "HIGH",
            "summary": "Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin"
          },
          {
            "id": "GHSA-j7hp-h8jx-5ppr",
            "severity": "HIGH",
            "summary": "libwebp: OOB write in BuildHuffmanTable"
          },
          {
            "id": "GHSA-j7mj-748x-7p78",
            "severity": "HIGH",
            "summary": "DOS attack in Pillow when processing specially crafted image files"
          },
          {
            "id": "GHSA-jgpv-4h4c-xhw3",
            "severity": "MEDIUM",
            "summary": "Uncontrolled Resource Consumption in pillow"
          },
          {
            "id": "GHSA-m2vv-5vj5-2hm7",
            "severity": "HIGH",
            "summary": "Pillow vulnerable to Data Amplification attack."
          },
          {
            "id": "GHSA-mvg9-xffr-p774",
            "severity": "HIGH",
            "summary": "Out of bounds read in Pillow"
          },
          {
            "id": "GHSA-p49h-hjvm-jg3h",
            "severity": "CRITICAL",
            "summary": "PCX P mode buffer overflow in Pillow"
          },
          {
            "id": "GHSA-pw3c-h7wp-cvhx",
            "severity": "MEDIUM",
            "summary": "Improper Initialization in Pillow"
          },
          {
            "id": "GHSA-q5hq-fp76-qmrc",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-r7rm-8j6h-r933",
            "severity": "CRITICAL",
            "summary": "Buffer Copy without Checking Size of Input in Pillow"
          },
          {
            "id": "GHSA-r854-96gq-rfg3",
            "severity": "MEDIUM",
            "summary": "Pillow Temporary file name leakage"
          },
          {
            "id": "GHSA-rwr3-c2q8-gm56",
            "severity": "MEDIUM",
            "summary": "Pillow Integer overflow in Map.c"
          },
          {
            "id": "GHSA-vcqg-3p29-xw73",
            "severity": "CRITICAL",
            "summary": "Integer overflow in Pillow"
          },
          {
            "id": "GHSA-vj42-xq3r-hr3r",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-vqcj-wrf2-7v73",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Write"
          },
          {
            "id": "GHSA-w4vg-rf63-f3j3",
            "severity": "HIGH",
            "summary": "Arbitrary code using \"crafted image file\" approach affecting Pillow"
          },
          {
            "id": "GHSA-x895-2wrm-hvp7",
            "severity": "HIGH",
            "summary": "PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles"
          },
          {
            "id": "GHSA-xrcv-f9gm-v42c",
            "severity": "MEDIUM",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "PYSEC-2014-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-22",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-23",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-87",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-15",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-16",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-5",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-6",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-7",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-172",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-77",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-78",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-80",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-81",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-83",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-84",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-317",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-331",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-35",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-36",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-37",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-38",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-39",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-40",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-41",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-42",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-69",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-70",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-93",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-94",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-168",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-42979",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-175",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-227",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pypdf": [
          {
            "id": "GHSA-2q4j-m29v-hq73",
            "severity": "MEDIUM",
            "summary": "pypdf has possible Infinite Loop when processing outlines/bookmarks"
          },
          {
            "id": "GHSA-2rw7-x74f-jg35",
            "severity": "LOW",
            "summary": "pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams"
          },
          {
            "id": "GHSA-3crg-w4f6-42mx",
            "severity": "MEDIUM",
            "summary": "pypdf: Manipulated XMP metadata entity declarations can exhaust RAM"
          },
          {
            "id": "GHSA-4f6g-68pf-7vhv",
            "severity": "LOW",
            "summary": "pypdf has possible long runtimes for malformed startxref"
          },
          {
            "id": "GHSA-4pxv-j86v-mhcw",
            "severity": "MEDIUM",
            "summary": "pypdf: Possible long runtimes for wrong size values in incremental mode"
          },
          {
            "id": "GHSA-4xc4-762w-m6cg",
            "severity": "LOW",
            "summary": "pypdf has possible long runtimes for missing /Root object with large /Size values"
          },
          {
            "id": "GHSA-7gw9-cf7v-778f",
            "severity": "MEDIUM",
            "summary": "pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM"
          },
          {
            "id": "GHSA-7hfw-26vp-jp8m",
            "severity": "MEDIUM",
            "summary": "PyPDF's Manipulated FlateDecode streams can exhaust RAM"
          },
          {
            "id": "GHSA-87mj-5ggw-8qc3",
            "severity": "MEDIUM",
            "summary": "pypdf: Possible infinite loop during recovery attempts in DictionaryObject.read_from_stream"
          },
          {
            "id": "GHSA-996q-pr4m-cvgq",
            "severity": "MEDIUM",
            "summary": "pypdf has a possible infinite loop when processing TreeObject"
          },
          {
            "id": "GHSA-9m86-7pmv-2852",
            "severity": "MEDIUM",
            "summary": "pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams"
          },
          {
            "id": "GHSA-9mvc-8737-8j8h",
            "severity": "MEDIUM",
            "summary": "pypdf possibly has long runtimes for malformed FlateDecode streams"
          },
          {
            "id": "GHSA-f2v5-7jq9-h8cg",
            "severity": "MEDIUM",
            "summary": "pypdf: Manipulated RunLengthDecode streams can exhaust RAM"
          },
          {
            "id": "GHSA-hqmh-ppp3-xvm7",
            "severity": "MEDIUM",
            "summary": "pypdf: manipulated stream length values can exhaust RAM"
          },
          {
            "id": "GHSA-jfx9-29x2-rv3j",
            "severity": "MEDIUM",
            "summary": "pypdf can exhaust RAM via manipulated LZWDecode streams"
          },
          {
            "id": "GHSA-jj6c-8h6c-hppx",
            "severity": "MEDIUM",
            "summary": "pypdf has long runtimes for wrong size values in cross-reference and object streams"
          },
          {
            "id": "GHSA-m449-cwjh-6pw7",
            "severity": "MEDIUM",
            "summary": "pypdf's LZWDecode streams be manipulated to exhaust RAM"
          },
          {
            "id": "GHSA-qpxp-75px-xjcp",
            "severity": "MEDIUM",
            "summary": "pypdf has inefficient decoding of array-based streams"
          },
          {
            "id": "GHSA-vr63-x8vc-m265",
            "severity": "MEDIUM",
            "summary": "pypdf possibly loops infinitely when reading DCT inline images without EOF marker"
          },
          {
            "id": "GHSA-wgvp-vg3v-2xq3",
            "severity": "MEDIUM",
            "summary": "pypdf has possible long runtimes/large memory usage for large /ToUnicode streams"
          },
          {
            "id": "GHSA-x284-j5p8-9c5p",
            "severity": "MEDIUM",
            "summary": "pypdf: Manipulated FlateDecode image dimensions can exhaust RAM"
          },
          {
            "id": "GHSA-x7hp-r3qg-r3cj",
            "severity": "MEDIUM",
            "summary": "pypdf: Manipulated FlateDecode XFA streams can exhaust RAM"
          }
        ],
        "markdownify": [
          {
            "id": "GHSA-7mpr-5m44-h73r",
            "severity": "LOW",
            "summary": "markdownify allows large headline prefixes such as <h9999999>, which causes memory consumption"
          }
        ],
        "paddlepaddle": [
          {
            "id": "GHSA-275c-w5mq-v5m2",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.argmin and paddle.argmax"
          },
          {
            "id": "GHSA-2hvc-hwg3-hpvw",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle Out-of-bounds Read vulnerability"
          },
          {
            "id": "GHSA-2rp8-hff9-c5wr",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle Path Traversal vulnerability"
          },
          {
            "id": "GHSA-2wcj-qr76-9768",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle segfault in paddle.put_along_axis"
          },
          {
            "id": "GHSA-3cr5-2446-8pg3",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle command injection in convert_shape_compare"
          },
          {
            "id": "GHSA-4rrv-8gcp-24v8",
            "severity": "HIGH",
            "summary": "PaddlePaddle stack overflow in paddle.searchsorted"
          },
          {
            "id": "GHSA-547m-23x7-cxg5",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle null pointer dereference in paddle.nextafter"
          },
          {
            "id": "GHSA-83g7-8fch-p37m",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle vulnerable to code injection via winstr"
          },
          {
            "id": "GHSA-8fp7-jwv2-49x9",
            "severity": "HIGH",
            "summary": "PaddlePaddle heap buffer overflow in paddle.repeat_interleave"
          },
          {
            "id": "GHSA-8wfh-qxxv-3q8c",
            "severity": "HIGH",
            "summary": "Use after free in PaddlePaddle"
          },
          {
            "id": "GHSA-9q9v-qgwx-84mr",
            "severity": "CRITICAL",
            "summary": "Command injection in PaddlePaddle"
          },
          {
            "id": "GHSA-c6ph-m8cw-rfqh",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.linalg.eig"
          },
          {
            "id": "GHSA-chj7-w3f6-cvfj",
            "severity": "CRITICAL",
            "summary": "Code Injection in paddlepaddle"
          },
          {
            "id": "GHSA-cv2j-922j-hr56",
            "severity": "MEDIUM",
            "summary": "Floating point exception (FPE) in paddlepaddle"
          },
          {
            "id": "GHSA-fh54-3vhg-mpc2",
            "severity": "HIGH",
            "summary": "PaddlePaddle command injection vulnerability"
          },
          {
            "id": "GHSA-g57v-2687-jx33",
            "severity": "HIGH",
            "summary": "PaddlePaddle stack overflow in paddle.linalg.lu_unpack"
          },
          {
            "id": "GHSA-gcjf-29m9-888q",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle vulnerable to Code Injection"
          },
          {
            "id": "GHSA-hh7p-hvm3-rg88",
            "severity": "HIGH",
            "summary": "Heap buffer overflow in PaddlePaddle"
          },
          {
            "id": "GHSA-j5h9-9r39-43q5",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle command injection in get_online_pass_interval"
          },
          {
            "id": "GHSA-jm68-fpmr-8j2g",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.linalg.matrix_rank"
          },
          {
            "id": "GHSA-jwrc-3v3f-5cq5",
            "severity": "HIGH",
            "summary": "PaddlePaddle allows arbitrary file read via paddle.vision.ops.read_file"
          },
          {
            "id": "GHSA-mr78-v55p-7777",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle segfault in paddle.mode"
          },
          {
            "id": "GHSA-mrmm-qmrj-xgp6",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle vulnerable to remote code execution"
          },
          {
            "id": "GHSA-qppw-c37g-xwcc",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle nullptr dereference in paddle.crop"
          },
          {
            "id": "GHSA-qqv2-35q8-p2g2",
            "severity": "HIGH",
            "summary": "PaddlePaddle command injection in paddle.utils.download._wget_download"
          },
          {
            "id": "GHSA-rf7p-79xq-8xwm",
            "severity": "CRITICAL",
            "summary": "PaddlePaddle command injection in _wget_download"
          },
          {
            "id": "GHSA-rg9q-m8hv-xxr6",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.lerp"
          },
          {
            "id": "GHSA-rr46-m366-gm44",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PaddlePaddle"
          },
          {
            "id": "GHSA-rx2r-q96c-w5cc",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.topk"
          },
          {
            "id": "GHSA-v9pg-qw6x-w5r2",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.amin"
          },
          {
            "id": "GHSA-x3q9-c788-j7c8",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle segfault in paddle.dot"
          },
          {
            "id": "GHSA-xjpw-hx47-rccv",
            "severity": "MEDIUM",
            "summary": "PaddlePaddle floating point exception in paddle.nanmedian"
          },
          {
            "id": "PYSEC-2022-43063",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-122",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-123",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-124",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-125",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-126",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-129",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-130",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-131",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-132",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-133",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-134",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-135",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-136",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-140",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-141",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-142",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-143",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-144",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-146",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "academic-assistant-mcp",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 10,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "academic-figures-mcp",
      "version": "0.4.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 103,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3c5c-7235-994j",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-3xv8-3j54-hgrp",
          "GHSA-43fq-w8qq-v88h",
          "GHSA-44wm-f244-xhp3",
          "GHSA-4fx9-vc88-q2xc",
          "GHSA-57h3-9rgr-c24m",
          "GHSA-5gm3-px64-rw72",
          "GHSA-7534-mm45-c74v",
          "GHSA-7r7m-5h27-29hp",
          "GHSA-8843-m7mw-mxqm",
          "GHSA-8ghj-p4vj-mr35",
          "GHSA-8vj2-vxx3-667w",
          "GHSA-8xjq-8fcg-g5hw",
          "GHSA-8xjv-v9xq-m5h9",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-cfmr-38g9-f2h7",
          "GHSA-cqhg-xjhh-p8hf",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-f5g8-5qq7-938w",
          "GHSA-g6rj-rv7j-xwp4",
          "GHSA-h5rf-vgqx-wjv2",
          "GHSA-hggx-3h72-49ww",
          "GHSA-hj69-c76v-86wr",
          "GHSA-hvr8-466p-75rh",
          "GHSA-j6f7-g425-4gmx",
          "GHSA-j7hp-h8jx-5ppr",
          "GHSA-j7mj-748x-7p78",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-m2vv-5vj5-2hm7",
          "GHSA-mvg9-xffr-p774",
          "GHSA-p49h-hjvm-jg3h",
          "GHSA-pw3c-h7wp-cvhx",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-r7rm-8j6h-r933",
          "GHSA-r854-96gq-rfg3",
          "GHSA-rwr3-c2q8-gm56",
          "GHSA-vcqg-3p29-xw73",
          "GHSA-vj42-xq3r-hr3r",
          "GHSA-vqcj-wrf2-7v73",
          "GHSA-x895-2wrm-hvp7",
          "GHSA-xrcv-f9gm-v42c",
          "PYSEC-2014-10",
          "PYSEC-2014-22",
          "PYSEC-2014-23",
          "PYSEC-2014-87",
          "PYSEC-2015-15",
          "PYSEC-2015-16",
          "PYSEC-2016-19",
          "PYSEC-2016-5",
          "PYSEC-2016-6",
          "PYSEC-2016-7",
          "PYSEC-2016-8",
          "PYSEC-2019-110",
          "PYSEC-2020-172",
          "PYSEC-2020-76",
          "PYSEC-2020-77",
          "PYSEC-2020-78",
          "PYSEC-2020-79",
          "PYSEC-2020-80",
          "PYSEC-2020-81",
          "PYSEC-2020-82",
          "PYSEC-2020-83",
          "PYSEC-2020-84",
          "PYSEC-2021-137",
          "PYSEC-2021-138",
          "PYSEC-2021-139",
          "PYSEC-2021-317",
          "PYSEC-2021-331",
          "PYSEC-2021-35",
          "PYSEC-2021-36",
          "PYSEC-2021-37",
          "PYSEC-2021-38",
          "PYSEC-2021-39",
          "PYSEC-2021-40",
          "PYSEC-2021-41",
          "PYSEC-2021-42",
          "PYSEC-2021-69",
          "PYSEC-2021-70",
          "PYSEC-2021-92",
          "PYSEC-2021-93",
          "PYSEC-2021-94",
          "PYSEC-2022-10",
          "PYSEC-2022-168",
          "PYSEC-2022-42979",
          "PYSEC-2022-8",
          "PYSEC-2022-9",
          "PYSEC-2023-175",
          "PYSEC-2023-227"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3f63-hfp8-52jq",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-5gm3-px64-rw72",
          "GHSA-8m9x-pxwq-j236",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-w4vg-rf63-f3j3",
          "PYSEC-2016-9",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-8q59-q68h-6hv4"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-9j59-75qj-795w"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pillow": [
          {
            "id": "GHSA-3c5c-7235-994j",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow in ImagingPcdDecode"
          },
          {
            "id": "GHSA-3f63-hfp8-52jq",
            "severity": "CRITICAL",
            "summary": "Arbitrary Code Execution in Pillow"
          },
          {
            "id": "GHSA-3wvg-mj6g-m9cv",
            "severity": "HIGH",
            "summary": "Pillow Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-3xv8-3j54-hgrp",
            "severity": "HIGH",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-43fq-w8qq-v88h",
            "severity": "CRITICAL",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-44wm-f244-xhp3",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow vulnerability"
          },
          {
            "id": "GHSA-4fx9-vc88-q2xc",
            "severity": "LOW",
            "summary": "Infinite loop in Pillow"
          },
          {
            "id": "GHSA-57h3-9rgr-c24m",
            "severity": "CRITICAL",
            "summary": "Out of bounds write in Pillow"
          },
          {
            "id": "GHSA-5gm3-px64-rw72",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-7534-mm45-c74v",
            "severity": "CRITICAL",
            "summary": "Buffer Overflow in Pillow"
          },
          {
            "id": "GHSA-7r7m-5h27-29hp",
            "severity": "HIGH",
            "summary": "Potential infinite loop in Pillow"
          },
          {
            "id": "GHSA-8843-m7mw-mxqm",
            "severity": "HIGH",
            "summary": "Buffer overflow in Pillow"
          },
          {
            "id": "GHSA-8ghj-p4vj-mr35",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service vulnerability"
          },
          {
            "id": "GHSA-8m9x-pxwq-j236",
            "severity": "CRITICAL",
            "summary": "Pillow command injection"
          },
          {
            "id": "GHSA-8vj2-vxx3-667w",
            "severity": "CRITICAL",
            "summary": "Arbitrary expression injection in Pillow"
          },
          {
            "id": "GHSA-8xjq-8fcg-g5hw",
            "severity": "HIGH",
            "summary": "Out-of-bounds Write in Pillow"
          },
          {
            "id": "GHSA-8xjv-v9xq-m5h9",
            "severity": "HIGH",
            "summary": "Pillow Buffer overflow in ImagingFliDecode"
          },
          {
            "id": "GHSA-95q3-8gr9-gm8w",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-9j59-75qj-795w",
            "severity": "HIGH",
            "summary": "Path traversal in Pillow"
          },
          {
            "id": "GHSA-cfmr-38g9-f2h7",
            "severity": "HIGH",
            "summary": "Pillow denial of service via Crafted Block Size"
          },
          {
            "id": "GHSA-cqhg-xjhh-p8hf",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-f4w8-cv6p-x6r5",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-f5g8-5qq7-938w",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Read"
          },
          {
            "id": "GHSA-g6rj-rv7j-xwp4",
            "severity": "HIGH",
            "summary": "Pillow denial of service"
          },
          {
            "id": "GHSA-h5rf-vgqx-wjv2",
            "severity": "HIGH",
            "summary": "Pillow denial of service via PNG bomb"
          },
          {
            "id": "GHSA-hggx-3h72-49ww",
            "severity": "MEDIUM",
            "summary": "Pillow Buffer overflow in ImagingLibTiffDecode"
          },
          {
            "id": "GHSA-hj69-c76v-86wr",
            "severity": "HIGH",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "GHSA-hvr8-466p-75rh",
            "severity": "CRITICAL",
            "summary": "Pillow Integer overflow in ImagingResampleHorizontal"
          },
          {
            "id": "GHSA-j6f7-g425-4gmx",
            "severity": "HIGH",
            "summary": "Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin"
          },
          {
            "id": "GHSA-j7hp-h8jx-5ppr",
            "severity": "HIGH",
            "summary": "libwebp: OOB write in BuildHuffmanTable"
          },
          {
            "id": "GHSA-j7mj-748x-7p78",
            "severity": "HIGH",
            "summary": "DOS attack in Pillow when processing specially crafted image files"
          },
          {
            "id": "GHSA-jgpv-4h4c-xhw3",
            "severity": "MEDIUM",
            "summary": "Uncontrolled Resource Consumption in pillow"
          },
          {
            "id": "GHSA-m2vv-5vj5-2hm7",
            "severity": "HIGH",
            "summary": "Pillow vulnerable to Data Amplification attack."
          },
          {
            "id": "GHSA-mvg9-xffr-p774",
            "severity": "HIGH",
            "summary": "Out of bounds read in Pillow"
          },
          {
            "id": "GHSA-p49h-hjvm-jg3h",
            "severity": "CRITICAL",
            "summary": "PCX P mode buffer overflow in Pillow"
          },
          {
            "id": "GHSA-pw3c-h7wp-cvhx",
            "severity": "MEDIUM",
            "summary": "Improper Initialization in Pillow"
          },
          {
            "id": "GHSA-q5hq-fp76-qmrc",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-r7rm-8j6h-r933",
            "severity": "CRITICAL",
            "summary": "Buffer Copy without Checking Size of Input in Pillow"
          },
          {
            "id": "GHSA-r854-96gq-rfg3",
            "severity": "MEDIUM",
            "summary": "Pillow Temporary file name leakage"
          },
          {
            "id": "GHSA-rwr3-c2q8-gm56",
            "severity": "MEDIUM",
            "summary": "Pillow Integer overflow in Map.c"
          },
          {
            "id": "GHSA-vcqg-3p29-xw73",
            "severity": "CRITICAL",
            "summary": "Integer overflow in Pillow"
          },
          {
            "id": "GHSA-vj42-xq3r-hr3r",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-vqcj-wrf2-7v73",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Write"
          },
          {
            "id": "GHSA-w4vg-rf63-f3j3",
            "severity": "HIGH",
            "summary": "Arbitrary code using \"crafted image file\" approach affecting Pillow"
          },
          {
            "id": "GHSA-x895-2wrm-hvp7",
            "severity": "HIGH",
            "summary": "PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles"
          },
          {
            "id": "GHSA-xrcv-f9gm-v42c",
            "severity": "MEDIUM",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "PYSEC-2014-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-22",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-23",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-87",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-15",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-16",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-5",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-6",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-7",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-172",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-77",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-78",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-80",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-81",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-83",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-84",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-317",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-331",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-35",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-36",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-37",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-38",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-39",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-40",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-41",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-42",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-69",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-70",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-93",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-94",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-168",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-42979",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-175",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-227",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "academic-mcp",
      "version": "0.1.7",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 53,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14",
          "GHSA-hjf3-r7gw-9rwg",
          "PYSEC-2011-19",
          "PYSEC-2012-14",
          "GHSA-jrm6-h9cq-8gqw",
          "GHSA-xcjx-m2pj-8g79",
          "GHSA-55x5-fj6c-h6m8",
          "GHSA-wrxv-2j5q-m38w",
          "PYSEC-2021-852",
          "PYSEC-2022-230"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "PYSEC-2022-194",
          "GHSA-vfmq-68hx-4jfw"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-3mwg-gp5g-fv3q",
          "PYSEC-2011-18",
          "PYSEC-2011-20",
          "PYSEC-2011-21",
          "GHSA-57qw-cc2g-pv5p",
          "GHSA-jq4v-f5q6-mjqq",
          "GHSA-pgww-xf46-h92r",
          "GHSA-xp26-p53h-6h2p",
          "PYSEC-2014-9",
          "PYSEC-2018-12",
          "PYSEC-2021-19"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "feedparser": [
          {
            "id": "GHSA-3mwg-gp5g-fv3q",
            "severity": "MEDIUM",
            "summary": "feedparser Cross-site Scripting vulnerability"
          },
          {
            "id": "GHSA-hjf3-r7gw-9rwg",
            "severity": "HIGH",
            "summary": "feedparser denial of service vulnerability"
          },
          {
            "id": "PYSEC-2011-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-20",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-21",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2012-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "PyPDF2": [
          {
            "id": "GHSA-jrm6-h9cq-8gqw",
            "severity": "MEDIUM",
            "summary": "PyPDF2 quadratic runtime with malformed PDF missing xref marker"
          },
          {
            "id": "GHSA-xcjx-m2pj-8g79",
            "severity": "MEDIUM",
            "summary": "Manipulated inline images can cause Infinite Loop in PyPDF2"
          },
          {
            "id": "PYSEC-2022-194",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "lxml": [
          {
            "id": "GHSA-55x5-fj6c-h6m8",
            "severity": "MEDIUM",
            "summary": "lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through"
          },
          {
            "id": "GHSA-57qw-cc2g-pv5p",
            "severity": "MEDIUM",
            "summary": "lxml Cross-site Scripting Via Control Characters"
          },
          {
            "id": "GHSA-jq4v-f5q6-mjqq",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-Site Scripting"
          },
          {
            "id": "GHSA-pgww-xf46-h92r",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-site Scripting"
          },
          {
            "id": "GHSA-vfmq-68hx-4jfw",
            "severity": "HIGH",
            "summary": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
          },
          {
            "id": "GHSA-wrxv-2j5q-m38w",
            "severity": "MEDIUM",
            "summary": "lxml NULL Pointer Dereference allows attackers to cause a denial of service"
          },
          {
            "id": "GHSA-xp26-p53h-6h2p",
            "severity": "MEDIUM",
            "summary": "Improper Neutralization of Input During Web Page Generation in LXML"
          },
          {
            "id": "PYSEC-2014-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-12",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-852",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-230",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "academic-search-mcp",
      "version": "0.1.8",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 46,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-hjf3-r7gw-9rwg",
          "PYSEC-2011-19",
          "PYSEC-2012-14",
          "GHSA-55x5-fj6c-h6m8",
          "GHSA-wrxv-2j5q-m38w",
          "PYSEC-2021-852",
          "PYSEC-2022-230",
          "GHSA-3vpc-4p9p-47hc",
          "GHSA-jrm6-h9cq-8gqw",
          "GHSA-xcjx-m2pj-8g79"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vfmq-68hx-4jfw",
          "GHSA-qw2m-4pqf-rmpp",
          "PYSEC-2022-194"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-3mwg-gp5g-fv3q",
          "PYSEC-2011-18",
          "PYSEC-2011-20",
          "PYSEC-2011-21",
          "GHSA-57qw-cc2g-pv5p",
          "GHSA-jq4v-f5q6-mjqq",
          "GHSA-pgww-xf46-h92r",
          "GHSA-xp26-p53h-6h2p",
          "PYSEC-2014-9",
          "PYSEC-2018-12",
          "PYSEC-2021-19"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767",
          "GHSA-qw2m-4pqf-rmpp"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "feedparser": [
          {
            "id": "GHSA-3mwg-gp5g-fv3q",
            "severity": "MEDIUM",
            "summary": "feedparser Cross-site Scripting vulnerability"
          },
          {
            "id": "GHSA-hjf3-r7gw-9rwg",
            "severity": "HIGH",
            "summary": "feedparser denial of service vulnerability"
          },
          {
            "id": "PYSEC-2011-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-20",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2011-21",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2012-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "lxml": [
          {
            "id": "GHSA-55x5-fj6c-h6m8",
            "severity": "MEDIUM",
            "summary": "lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through"
          },
          {
            "id": "GHSA-57qw-cc2g-pv5p",
            "severity": "MEDIUM",
            "summary": "lxml Cross-site Scripting Via Control Characters"
          },
          {
            "id": "GHSA-jq4v-f5q6-mjqq",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-Site Scripting"
          },
          {
            "id": "GHSA-pgww-xf46-h92r",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-site Scripting"
          },
          {
            "id": "GHSA-vfmq-68hx-4jfw",
            "severity": "HIGH",
            "summary": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
          },
          {
            "id": "GHSA-wrxv-2j5q-m38w",
            "severity": "MEDIUM",
            "summary": "lxml NULL Pointer Dereference allows attackers to cause a denial of service"
          },
          {
            "id": "GHSA-xp26-p53h-6h2p",
            "severity": "MEDIUM",
            "summary": "Improper Neutralization of Input During Web Page Generation in LXML"
          },
          {
            "id": "PYSEC-2014-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-12",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-852",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-230",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "curl-cffi": [
          {
            "id": "GHSA-3vpc-4p9p-47hc",
            "severity": "HIGH",
            "summary": "curl_cffi bundles a version of libcurl affected by High Severity vulnerability"
          },
          {
            "id": "GHSA-qw2m-4pqf-rmpp",
            "severity": "HIGH",
            "summary": "curl_cffi: Redirect-based SSRF leads to internal network access in curl_cffi (with TLS impersonation bypass)"
          }
        ],
        "pypdf2": [
          {
            "id": "GHSA-jrm6-h9cq-8gqw",
            "severity": "MEDIUM",
            "summary": "PyPDF2 quadratic runtime with malformed PDF missing xref marker"
          },
          {
            "id": "GHSA-xcjx-m2pj-8g79",
            "severity": "MEDIUM",
            "summary": "Manipulated inline images can cause Infinite Loop in PyPDF2"
          },
          {
            "id": "PYSEC-2022-194",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acatome-mcp",
      "version": "0.2.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acatome-quest-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2xpj-f5g2-8p7m",
          "PYSEC-2020-24"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "asyncpg": [
          {
            "id": "GHSA-2xpj-f5g2-8p7m",
            "severity": "CRITICAL",
            "summary": "Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer"
          },
          {
            "id": "PYSEC-2020-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acc-c2c-mcp",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "accessibility-ai-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "accessibility-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 17,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-55x5-fj6c-h6m8",
          "GHSA-wrxv-2j5q-m38w",
          "PYSEC-2021-852",
          "PYSEC-2022-230"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-vfmq-68hx-4jfw"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-57qw-cc2g-pv5p",
          "GHSA-jq4v-f5q6-mjqq",
          "GHSA-pgww-xf46-h92r",
          "GHSA-xp26-p53h-6h2p",
          "PYSEC-2014-9",
          "PYSEC-2018-12",
          "PYSEC-2021-19"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "lxml": [
          {
            "id": "GHSA-55x5-fj6c-h6m8",
            "severity": "MEDIUM",
            "summary": "lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through"
          },
          {
            "id": "GHSA-57qw-cc2g-pv5p",
            "severity": "MEDIUM",
            "summary": "lxml Cross-site Scripting Via Control Characters"
          },
          {
            "id": "GHSA-jq4v-f5q6-mjqq",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-Site Scripting"
          },
          {
            "id": "GHSA-pgww-xf46-h92r",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-site Scripting"
          },
          {
            "id": "GHSA-vfmq-68hx-4jfw",
            "severity": "HIGH",
            "summary": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
          },
          {
            "id": "GHSA-wrxv-2j5q-m38w",
            "severity": "MEDIUM",
            "summary": "lxml NULL Pointer Dereference allows attackers to cause a denial of service"
          },
          {
            "id": "GHSA-xp26-p53h-6h2p",
            "severity": "MEDIUM",
            "summary": "Improper Neutralization of Input During Web Page Generation in LXML"
          },
          {
            "id": "PYSEC-2014-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-12",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-852",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-230",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "AccordoMCP",
      "version": "0.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "accordo-workflow-mcp",
      "version": "0.8.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 16,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-8q59-q68h-6hv4"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "PyYAML": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "accounting-ai-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "accounting-subject-analysis-mcp-server",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "aceflow-mcp-server",
      "version": "3.0.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 54,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-qfc5-mcwq-26q8",
          "PYSEC-2019-41",
          "GHSA-hx9q-6w63-j58v",
          "GHSA-pwr2-4v36-6qpr",
          "PYSEC-2024-40"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Prompt Injection": [
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj",
          "GHSA-8q59-q68h-6hv4"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "psutil": [
          {
            "id": "GHSA-qfc5-mcwq-26q8",
            "severity": "HIGH",
            "summary": "Double Free in psutil"
          },
          {
            "id": "PYSEC-2019-41",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "orjson": [
          {
            "id": "GHSA-hx9q-6w63-j58v",
            "severity": "HIGH",
            "summary": "orjson does not limit recursion for deeply nested JSON documents"
          },
          {
            "id": "GHSA-pwr2-4v36-6qpr",
            "severity": "HIGH",
            "summary": "orjson does not limit recursion for deeply nested JSON documents"
          },
          {
            "id": "PYSEC-2024-40",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acemcp",
      "version": "0.2.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 18,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "PYSEC-2018-79",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-pxrr-hq57-q35p"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Credential Scope": [
          "GHSA-8ch4-58qp-g3mp",
          "PYSEC-2021-95",
          "GHSA-pxrr-hq57-q35p"
        ],
        "Tool Poisoning": [
          "GHSA-pxrr-hq57-q35p"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "websockets": [
          {
            "id": "GHSA-8ch4-58qp-g3mp",
            "severity": "HIGH",
            "summary": "Observable Timing Discrepancy in aaugustin websockets library"
          },
          {
            "id": "PYSEC-2018-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-95",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "dynaconf": [
          {
            "id": "GHSA-pxrr-hq57-q35p",
            "severity": "HIGH",
            "summary": "dynaconf Affected by Remote Code Execution (RCE) via Insecure Template Evaluation in @jinja Resolver"
          }
        ]
      }
    },
    {
      "name": "acemcp-fast",
      "version": "0.2.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 18,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "PYSEC-2018-79",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-pxrr-hq57-q35p"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Credential Scope": [
          "GHSA-8ch4-58qp-g3mp",
          "PYSEC-2021-95",
          "GHSA-pxrr-hq57-q35p"
        ],
        "Tool Poisoning": [
          "GHSA-pxrr-hq57-q35p"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "websockets": [
          {
            "id": "GHSA-8ch4-58qp-g3mp",
            "severity": "HIGH",
            "summary": "Observable Timing Discrepancy in aaugustin websockets library"
          },
          {
            "id": "PYSEC-2018-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-95",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "dynaconf": [
          {
            "id": "GHSA-pxrr-hq57-q35p",
            "severity": "HIGH",
            "summary": "dynaconf Affected by Remote Code Execution (RCE) via Insecure Template Evaluation in @jinja Resolver"
          }
        ]
      }
    },
    {
      "name": "aceternity-mcp",
      "version": "2.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "acex-mcp-server",
      "version": "1.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 20,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "acg-frontend-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 100,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-3c5c-7235-994j",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-3xv8-3j54-hgrp",
          "GHSA-43fq-w8qq-v88h",
          "GHSA-44wm-f244-xhp3",
          "GHSA-4fx9-vc88-q2xc",
          "GHSA-57h3-9rgr-c24m",
          "GHSA-5gm3-px64-rw72",
          "GHSA-7534-mm45-c74v",
          "GHSA-7r7m-5h27-29hp",
          "GHSA-8843-m7mw-mxqm",
          "GHSA-8ghj-p4vj-mr35",
          "GHSA-8vj2-vxx3-667w",
          "GHSA-8xjq-8fcg-g5hw",
          "GHSA-8xjv-v9xq-m5h9",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-cfmr-38g9-f2h7",
          "GHSA-cqhg-xjhh-p8hf",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-f5g8-5qq7-938w",
          "GHSA-g6rj-rv7j-xwp4",
          "GHSA-h5rf-vgqx-wjv2",
          "GHSA-hggx-3h72-49ww",
          "GHSA-hj69-c76v-86wr",
          "GHSA-hvr8-466p-75rh",
          "GHSA-j6f7-g425-4gmx",
          "GHSA-j7hp-h8jx-5ppr",
          "GHSA-j7mj-748x-7p78",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-m2vv-5vj5-2hm7",
          "GHSA-mvg9-xffr-p774",
          "GHSA-p49h-hjvm-jg3h",
          "GHSA-pw3c-h7wp-cvhx",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-r7rm-8j6h-r933",
          "GHSA-r854-96gq-rfg3",
          "GHSA-rwr3-c2q8-gm56",
          "GHSA-vcqg-3p29-xw73",
          "GHSA-vj42-xq3r-hr3r",
          "GHSA-vqcj-wrf2-7v73",
          "GHSA-x895-2wrm-hvp7",
          "GHSA-xrcv-f9gm-v42c",
          "PYSEC-2014-10",
          "PYSEC-2014-22",
          "PYSEC-2014-23",
          "PYSEC-2014-87",
          "PYSEC-2015-15",
          "PYSEC-2015-16",
          "PYSEC-2016-19",
          "PYSEC-2016-5",
          "PYSEC-2016-6",
          "PYSEC-2016-7",
          "PYSEC-2016-8",
          "PYSEC-2019-110",
          "PYSEC-2020-172",
          "PYSEC-2020-76",
          "PYSEC-2020-77",
          "PYSEC-2020-78",
          "PYSEC-2020-79",
          "PYSEC-2020-80",
          "PYSEC-2020-81",
          "PYSEC-2020-82",
          "PYSEC-2020-83",
          "PYSEC-2020-84",
          "PYSEC-2021-137",
          "PYSEC-2021-138",
          "PYSEC-2021-139",
          "PYSEC-2021-317",
          "PYSEC-2021-331",
          "PYSEC-2021-35",
          "PYSEC-2021-36",
          "PYSEC-2021-37",
          "PYSEC-2021-38",
          "PYSEC-2021-39",
          "PYSEC-2021-40",
          "PYSEC-2021-41",
          "PYSEC-2021-42",
          "PYSEC-2021-69",
          "PYSEC-2021-70",
          "PYSEC-2021-92",
          "PYSEC-2021-93",
          "PYSEC-2021-94",
          "PYSEC-2022-10",
          "PYSEC-2022-168",
          "PYSEC-2022-42979",
          "PYSEC-2022-8",
          "PYSEC-2022-9",
          "PYSEC-2023-175",
          "PYSEC-2023-227"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-3f63-hfp8-52jq",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-5gm3-px64-rw72",
          "GHSA-8m9x-pxwq-j236",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-w4vg-rf63-f3j3",
          "PYSEC-2016-9"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-9j59-75qj-795w"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pillow": [
          {
            "id": "GHSA-3c5c-7235-994j",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow in ImagingPcdDecode"
          },
          {
            "id": "GHSA-3f63-hfp8-52jq",
            "severity": "CRITICAL",
            "summary": "Arbitrary Code Execution in Pillow"
          },
          {
            "id": "GHSA-3wvg-mj6g-m9cv",
            "severity": "HIGH",
            "summary": "Pillow Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-3xv8-3j54-hgrp",
            "severity": "HIGH",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-43fq-w8qq-v88h",
            "severity": "CRITICAL",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-44wm-f244-xhp3",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow vulnerability"
          },
          {
            "id": "GHSA-4fx9-vc88-q2xc",
            "severity": "LOW",
            "summary": "Infinite loop in Pillow"
          },
          {
            "id": "GHSA-57h3-9rgr-c24m",
            "severity": "CRITICAL",
            "summary": "Out of bounds write in Pillow"
          },
          {
            "id": "GHSA-5gm3-px64-rw72",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-7534-mm45-c74v",
            "severity": "CRITICAL",
            "summary": "Buffer Overflow in Pillow"
          },
          {
            "id": "GHSA-7r7m-5h27-29hp",
            "severity": "HIGH",
            "summary": "Potential infinite loop in Pillow"
          },
          {
            "id": "GHSA-8843-m7mw-mxqm",
            "severity": "HIGH",
            "summary": "Buffer overflow in Pillow"
          },
          {
            "id": "GHSA-8ghj-p4vj-mr35",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service vulnerability"
          },
          {
            "id": "GHSA-8m9x-pxwq-j236",
            "severity": "CRITICAL",
            "summary": "Pillow command injection"
          },
          {
            "id": "GHSA-8vj2-vxx3-667w",
            "severity": "CRITICAL",
            "summary": "Arbitrary expression injection in Pillow"
          },
          {
            "id": "GHSA-8xjq-8fcg-g5hw",
            "severity": "HIGH",
            "summary": "Out-of-bounds Write in Pillow"
          },
          {
            "id": "GHSA-8xjv-v9xq-m5h9",
            "severity": "HIGH",
            "summary": "Pillow Buffer overflow in ImagingFliDecode"
          },
          {
            "id": "GHSA-95q3-8gr9-gm8w",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-9j59-75qj-795w",
            "severity": "HIGH",
            "summary": "Path traversal in Pillow"
          },
          {
            "id": "GHSA-cfmr-38g9-f2h7",
            "severity": "HIGH",
            "summary": "Pillow denial of service via Crafted Block Size"
          },
          {
            "id": "GHSA-cqhg-xjhh-p8hf",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-f4w8-cv6p-x6r5",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-f5g8-5qq7-938w",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Read"
          },
          {
            "id": "GHSA-g6rj-rv7j-xwp4",
            "severity": "HIGH",
            "summary": "Pillow denial of service"
          },
          {
            "id": "GHSA-h5rf-vgqx-wjv2",
            "severity": "HIGH",
            "summary": "Pillow denial of service via PNG bomb"
          },
          {
            "id": "GHSA-hggx-3h72-49ww",
            "severity": "MEDIUM",
            "summary": "Pillow Buffer overflow in ImagingLibTiffDecode"
          },
          {
            "id": "GHSA-hj69-c76v-86wr",
            "severity": "HIGH",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "GHSA-hvr8-466p-75rh",
            "severity": "CRITICAL",
            "summary": "Pillow Integer overflow in ImagingResampleHorizontal"
          },
          {
            "id": "GHSA-j6f7-g425-4gmx",
            "severity": "HIGH",
            "summary": "Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin"
          },
          {
            "id": "GHSA-j7hp-h8jx-5ppr",
            "severity": "HIGH",
            "summary": "libwebp: OOB write in BuildHuffmanTable"
          },
          {
            "id": "GHSA-j7mj-748x-7p78",
            "severity": "HIGH",
            "summary": "DOS attack in Pillow when processing specially crafted image files"
          },
          {
            "id": "GHSA-jgpv-4h4c-xhw3",
            "severity": "MEDIUM",
            "summary": "Uncontrolled Resource Consumption in pillow"
          },
          {
            "id": "GHSA-m2vv-5vj5-2hm7",
            "severity": "HIGH",
            "summary": "Pillow vulnerable to Data Amplification attack."
          },
          {
            "id": "GHSA-mvg9-xffr-p774",
            "severity": "HIGH",
            "summary": "Out of bounds read in Pillow"
          },
          {
            "id": "GHSA-p49h-hjvm-jg3h",
            "severity": "CRITICAL",
            "summary": "PCX P mode buffer overflow in Pillow"
          },
          {
            "id": "GHSA-pw3c-h7wp-cvhx",
            "severity": "MEDIUM",
            "summary": "Improper Initialization in Pillow"
          },
          {
            "id": "GHSA-q5hq-fp76-qmrc",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-r7rm-8j6h-r933",
            "severity": "CRITICAL",
            "summary": "Buffer Copy without Checking Size of Input in Pillow"
          },
          {
            "id": "GHSA-r854-96gq-rfg3",
            "severity": "MEDIUM",
            "summary": "Pillow Temporary file name leakage"
          },
          {
            "id": "GHSA-rwr3-c2q8-gm56",
            "severity": "MEDIUM",
            "summary": "Pillow Integer overflow in Map.c"
          },
          {
            "id": "GHSA-vcqg-3p29-xw73",
            "severity": "CRITICAL",
            "summary": "Integer overflow in Pillow"
          },
          {
            "id": "GHSA-vj42-xq3r-hr3r",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-vqcj-wrf2-7v73",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Write"
          },
          {
            "id": "GHSA-w4vg-rf63-f3j3",
            "severity": "HIGH",
            "summary": "Arbitrary code using \"crafted image file\" approach affecting Pillow"
          },
          {
            "id": "GHSA-x895-2wrm-hvp7",
            "severity": "HIGH",
            "summary": "PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles"
          },
          {
            "id": "GHSA-xrcv-f9gm-v42c",
            "severity": "MEDIUM",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "PYSEC-2014-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-22",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-23",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-87",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-15",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-16",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-5",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-6",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-7",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-172",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-77",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-78",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-80",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-81",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-83",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-84",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-317",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-331",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-35",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-36",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-37",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-38",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-39",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-40",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-41",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-42",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-69",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-70",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-93",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-94",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-168",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-42979",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-175",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-227",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aci-mcp",
      "version": "1.0.0b13",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 13,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acli-mcp-server",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "ac-mcp-server",
      "version": "0.12.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 17,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "acp-mcp",
      "version": "0.4.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "acp-mcp-server",
      "version": "0.0.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 56,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j",
          "GHSA-3936-cmfr-pm3m",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "acquis-postgres-mcp",
      "version": "0.3.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-vm3q-58wm-2r2x"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pglast": [
          {
            "id": "GHSA-vm3q-58wm-2r2x",
            "severity": "HIGH",
            "summary": "libpg_query memory leak"
          }
        ]
      }
    },
    {
      "name": "actionai-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 37,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251"
        ],
        "Code Execution": [
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "actions-latest-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "actionsMCP",
      "version": "1.4.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "activecamp-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 14,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-8q59-q68h-6hv4"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "active-claude-github-mcp",
      "version": "2.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "activitywatch-mcp-server-py",
      "version": "2.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 13,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "actvalue.lambda-mcp-server",
      "version": "2.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "acumatica-mcp",
      "version": "0.9.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "adafruit-circuitpython-mcp230xx",
      "version": "2.6.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp2515",
      "version": "1.1.13",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp3421",
      "version": "1.1.7",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp3xxx",
      "version": "1.5.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp4725",
      "version": "1.4.21",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp4728",
      "version": "1.3.16",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp9600",
      "version": "2.0.10",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adafruit-circuitpython-mcp9808",
      "version": "3.3.32",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "Adafruit-MCP3008",
      "version": "1.0.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "Adafruit-MCP4725",
      "version": "1.0.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "Adafruit-MCP9808",
      "version": "1.5.6",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "adam-calculator-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adam-mcp",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "adaptive-agent-mcp",
      "version": "0.6.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 15,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-qmgc-5h2g-mvrw",
          "GHSA-w853-jp5j-5j7f",
          "GHSA-vrcx-gx3g-j3h8"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142",
          "GHSA-qmgc-5h2g-mvrw"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-8q59-q68h-6hv4"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "filelock": [
          {
            "id": "GHSA-qmgc-5h2g-mvrw",
            "severity": "MEDIUM",
            "summary": "filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock"
          },
          {
            "id": "GHSA-w853-jp5j-5j7f",
            "severity": "MEDIUM",
            "summary": "filelock has a TOCTOU race condition which allows symlink attacks during lock file creation"
          }
        ],
        "sqlite-vec": [
          {
            "id": "GHSA-vrcx-gx3g-j3h8",
            "severity": "HIGH",
            "summary": "Heap-based Buffer Overflow in sqlite-vec"
          }
        ]
      }
    },
    {
      "name": "adb-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "adb-mcp-server",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "adb-mysql-mcp-server",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-v9hf-5j83-6xpp"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pymysql": [
          {
            "id": "GHSA-v9hf-5j83-6xpp",
            "severity": "CRITICAL",
            "summary": "PyMySQL SQL Injection vulnerability"
          }
        ]
      }
    },
    {
      "name": "adbpg-mcp-server",
      "version": "2.0.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adbpg-mcp-server-test",
      "version": "0.1.8",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "adcirc-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ad-copy-ai-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "addgene-mcp",
      "version": "0.1.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 48,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-2qfp-q593-8484",
          "GHSA-4qqq-9vqf-3h3f",
          "GHSA-cc65-xxvf-f7r9",
          "GHSA-cw9j-q3vf-hrrv",
          "GHSA-jm3v-qxmh-hxwv",
          "PYSEC-2022-159",
          "PYSEC-2024-162"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767",
          "GHSA-823f-cwm9-4g74",
          "PYSEC-2021-364",
          "GHSA-23j4-mw76-5v7h",
          "GHSA-9x8m-2xpf-crp3",
          "GHSA-jwqp-28gf-p498",
          "PYSEC-2021-363"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-823f-cwm9-4g74",
          "GHSA-7j7m-v7m3-jqm7",
          "GHSA-9x8m-2xpf-crp3",
          "GHSA-cjvr-mfj7-j4j8",
          "GHSA-jwqp-28gf-p498",
          "GHSA-mfjm-vh54-3f96",
          "PYSEC-2024-162"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767",
          "PYSEC-2024-258"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "scrapy-splash": [
          {
            "id": "GHSA-823f-cwm9-4g74",
            "severity": "HIGH",
            "summary": "Splash authentication credentials potentially leaked to target websites"
          },
          {
            "id": "PYSEC-2021-364",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "scrapy": [
          {
            "id": "GHSA-23j4-mw76-5v7h",
            "severity": "MEDIUM",
            "summary": "Scrapy allows redirect following in protocols other than HTTP"
          },
          {
            "id": "GHSA-2qfp-q593-8484",
            "severity": "HIGH",
            "summary": "Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation"
          },
          {
            "id": "GHSA-4qqq-9vqf-3h3f",
            "severity": "MEDIUM",
            "summary": "Scrapy leaks the authorization header on same-domain but cross-origin redirects"
          },
          {
            "id": "GHSA-7j7m-v7m3-jqm7",
            "severity": "HIGH",
            "summary": "Scrapy decompression bomb vulnerability"
          },
          {
            "id": "GHSA-9x8m-2xpf-crp3",
            "severity": "MEDIUM",
            "summary": "Scrapy before 2.6.2 and 1.8.3 vulnerable to one proxy sending credentials to another"
          },
          {
            "id": "GHSA-cc65-xxvf-f7r9",
            "severity": "HIGH",
            "summary": "Scrapy vulnerable to ReDoS via XMLFeedSpider"
          },
          {
            "id": "GHSA-cjvr-mfj7-j4j8",
            "severity": "MEDIUM",
            "summary": "Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy"
          },
          {
            "id": "GHSA-cw9j-q3vf-hrrv",
            "severity": "HIGH",
            "summary": "Scrapy authorization header leakage on cross-domain redirect"
          },
          {
            "id": "GHSA-jm3v-qxmh-hxwv",
            "severity": "MEDIUM",
            "summary": "Scrapy's redirects ignoring scheme-specific proxy settings"
          },
          {
            "id": "GHSA-jwqp-28gf-p498",
            "severity": "MEDIUM",
            "summary": "Scrapy HTTP authentication credentials potentially leaked to target websites"
          },
          {
            "id": "GHSA-mfjm-vh54-3f96",
            "severity": "MEDIUM",
            "summary": "Scrapy cookie-setting is not restricted based on the public suffix list"
          },
          {
            "id": "PYSEC-2021-363",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-159",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-258",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "add-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "add-stdio-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "adfinmcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adguard-home-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adiffy-meta-ads-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 110,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-3c5c-7235-994j",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-3xv8-3j54-hgrp",
          "GHSA-43fq-w8qq-v88h",
          "GHSA-44wm-f244-xhp3",
          "GHSA-4fx9-vc88-q2xc",
          "GHSA-57h3-9rgr-c24m",
          "GHSA-5gm3-px64-rw72",
          "GHSA-7534-mm45-c74v",
          "GHSA-7r7m-5h27-29hp",
          "GHSA-8843-m7mw-mxqm",
          "GHSA-8ghj-p4vj-mr35",
          "GHSA-8vj2-vxx3-667w",
          "GHSA-8xjq-8fcg-g5hw",
          "GHSA-8xjv-v9xq-m5h9",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-cfmr-38g9-f2h7",
          "GHSA-cqhg-xjhh-p8hf",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-f5g8-5qq7-938w",
          "GHSA-g6rj-rv7j-xwp4",
          "GHSA-h5rf-vgqx-wjv2",
          "GHSA-hggx-3h72-49ww",
          "GHSA-hj69-c76v-86wr",
          "GHSA-hvr8-466p-75rh",
          "GHSA-j6f7-g425-4gmx",
          "GHSA-j7hp-h8jx-5ppr",
          "GHSA-j7mj-748x-7p78",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-m2vv-5vj5-2hm7",
          "GHSA-mvg9-xffr-p774",
          "GHSA-p49h-hjvm-jg3h",
          "GHSA-pw3c-h7wp-cvhx",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-r7rm-8j6h-r933",
          "GHSA-r854-96gq-rfg3",
          "GHSA-rwr3-c2q8-gm56",
          "GHSA-vcqg-3p29-xw73",
          "GHSA-vj42-xq3r-hr3r",
          "GHSA-vqcj-wrf2-7v73",
          "GHSA-x895-2wrm-hvp7",
          "GHSA-xrcv-f9gm-v42c",
          "PYSEC-2014-10",
          "PYSEC-2014-22",
          "PYSEC-2014-23",
          "PYSEC-2014-87",
          "PYSEC-2015-15",
          "PYSEC-2015-16",
          "PYSEC-2016-19",
          "PYSEC-2016-5",
          "PYSEC-2016-6",
          "PYSEC-2016-7",
          "PYSEC-2016-8",
          "PYSEC-2019-110",
          "PYSEC-2020-172",
          "PYSEC-2020-76",
          "PYSEC-2020-77",
          "PYSEC-2020-78",
          "PYSEC-2020-79",
          "PYSEC-2020-80",
          "PYSEC-2020-81",
          "PYSEC-2020-82",
          "PYSEC-2020-83",
          "PYSEC-2020-84",
          "PYSEC-2021-137",
          "PYSEC-2021-138",
          "PYSEC-2021-139",
          "PYSEC-2021-317",
          "PYSEC-2021-331",
          "PYSEC-2021-35",
          "PYSEC-2021-36",
          "PYSEC-2021-37",
          "PYSEC-2021-38",
          "PYSEC-2021-39",
          "PYSEC-2021-40",
          "PYSEC-2021-41",
          "PYSEC-2021-42",
          "PYSEC-2021-69",
          "PYSEC-2021-70",
          "PYSEC-2021-92",
          "PYSEC-2021-93",
          "PYSEC-2021-94",
          "PYSEC-2022-10",
          "PYSEC-2022-168",
          "PYSEC-2022-42979",
          "PYSEC-2022-8",
          "PYSEC-2022-9",
          "PYSEC-2023-175",
          "PYSEC-2023-227"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3f63-hfp8-52jq",
          "GHSA-3wvg-mj6g-m9cv",
          "GHSA-5gm3-px64-rw72",
          "GHSA-8m9x-pxwq-j236",
          "GHSA-95q3-8gr9-gm8w",
          "GHSA-f4w8-cv6p-x6r5",
          "GHSA-jgpv-4h4c-xhw3",
          "GHSA-q5hq-fp76-qmrc",
          "GHSA-w4vg-rf63-f3j3",
          "PYSEC-2016-9"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-9j59-75qj-795w"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "pillow": [
          {
            "id": "GHSA-3c5c-7235-994j",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow in ImagingPcdDecode"
          },
          {
            "id": "GHSA-3f63-hfp8-52jq",
            "severity": "CRITICAL",
            "summary": "Arbitrary Code Execution in Pillow"
          },
          {
            "id": "GHSA-3wvg-mj6g-m9cv",
            "severity": "HIGH",
            "summary": "Pillow Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-3xv8-3j54-hgrp",
            "severity": "HIGH",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-43fq-w8qq-v88h",
            "severity": "CRITICAL",
            "summary": "Out-of-bounds read in Pillow"
          },
          {
            "id": "GHSA-44wm-f244-xhp3",
            "severity": "HIGH",
            "summary": "Pillow buffer overflow vulnerability"
          },
          {
            "id": "GHSA-4fx9-vc88-q2xc",
            "severity": "LOW",
            "summary": "Infinite loop in Pillow"
          },
          {
            "id": "GHSA-57h3-9rgr-c24m",
            "severity": "CRITICAL",
            "summary": "Out of bounds write in Pillow"
          },
          {
            "id": "GHSA-5gm3-px64-rw72",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-7534-mm45-c74v",
            "severity": "CRITICAL",
            "summary": "Buffer Overflow in Pillow"
          },
          {
            "id": "GHSA-7r7m-5h27-29hp",
            "severity": "HIGH",
            "summary": "Potential infinite loop in Pillow"
          },
          {
            "id": "GHSA-8843-m7mw-mxqm",
            "severity": "HIGH",
            "summary": "Buffer overflow in Pillow"
          },
          {
            "id": "GHSA-8ghj-p4vj-mr35",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service vulnerability"
          },
          {
            "id": "GHSA-8m9x-pxwq-j236",
            "severity": "CRITICAL",
            "summary": "Pillow command injection"
          },
          {
            "id": "GHSA-8vj2-vxx3-667w",
            "severity": "CRITICAL",
            "summary": "Arbitrary expression injection in Pillow"
          },
          {
            "id": "GHSA-8xjq-8fcg-g5hw",
            "severity": "HIGH",
            "summary": "Out-of-bounds Write in Pillow"
          },
          {
            "id": "GHSA-8xjv-v9xq-m5h9",
            "severity": "HIGH",
            "summary": "Pillow Buffer overflow in ImagingFliDecode"
          },
          {
            "id": "GHSA-95q3-8gr9-gm8w",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-9j59-75qj-795w",
            "severity": "HIGH",
            "summary": "Path traversal in Pillow"
          },
          {
            "id": "GHSA-cfmr-38g9-f2h7",
            "severity": "HIGH",
            "summary": "Pillow denial of service via Crafted Block Size"
          },
          {
            "id": "GHSA-cqhg-xjhh-p8hf",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-f4w8-cv6p-x6r5",
            "severity": "HIGH",
            "summary": "Pillow Denial of Service by Uncontrolled Resource Consumption"
          },
          {
            "id": "GHSA-f5g8-5qq7-938w",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Read"
          },
          {
            "id": "GHSA-g6rj-rv7j-xwp4",
            "severity": "HIGH",
            "summary": "Pillow denial of service"
          },
          {
            "id": "GHSA-h5rf-vgqx-wjv2",
            "severity": "HIGH",
            "summary": "Pillow denial of service via PNG bomb"
          },
          {
            "id": "GHSA-hggx-3h72-49ww",
            "severity": "MEDIUM",
            "summary": "Pillow Buffer overflow in ImagingLibTiffDecode"
          },
          {
            "id": "GHSA-hj69-c76v-86wr",
            "severity": "HIGH",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "GHSA-hvr8-466p-75rh",
            "severity": "CRITICAL",
            "summary": "Pillow Integer overflow in ImagingResampleHorizontal"
          },
          {
            "id": "GHSA-j6f7-g425-4gmx",
            "severity": "HIGH",
            "summary": "Pillow is vulnerable to Denial of Service (DOS) in the Jpeg2KImagePlugin"
          },
          {
            "id": "GHSA-j7hp-h8jx-5ppr",
            "severity": "HIGH",
            "summary": "libwebp: OOB write in BuildHuffmanTable"
          },
          {
            "id": "GHSA-j7mj-748x-7p78",
            "severity": "HIGH",
            "summary": "DOS attack in Pillow when processing specially crafted image files"
          },
          {
            "id": "GHSA-jgpv-4h4c-xhw3",
            "severity": "MEDIUM",
            "summary": "Uncontrolled Resource Consumption in pillow"
          },
          {
            "id": "GHSA-m2vv-5vj5-2hm7",
            "severity": "HIGH",
            "summary": "Pillow vulnerable to Data Amplification attack."
          },
          {
            "id": "GHSA-mvg9-xffr-p774",
            "severity": "HIGH",
            "summary": "Out of bounds read in Pillow"
          },
          {
            "id": "GHSA-p49h-hjvm-jg3h",
            "severity": "CRITICAL",
            "summary": "PCX P mode buffer overflow in Pillow"
          },
          {
            "id": "GHSA-pw3c-h7wp-cvhx",
            "severity": "MEDIUM",
            "summary": "Improper Initialization in Pillow"
          },
          {
            "id": "GHSA-q5hq-fp76-qmrc",
            "severity": "HIGH",
            "summary": "Uncontrolled Resource Consumption in Pillow"
          },
          {
            "id": "GHSA-r7rm-8j6h-r933",
            "severity": "CRITICAL",
            "summary": "Buffer Copy without Checking Size of Input in Pillow"
          },
          {
            "id": "GHSA-r854-96gq-rfg3",
            "severity": "MEDIUM",
            "summary": "Pillow Temporary file name leakage"
          },
          {
            "id": "GHSA-rwr3-c2q8-gm56",
            "severity": "MEDIUM",
            "summary": "Pillow Integer overflow in Map.c"
          },
          {
            "id": "GHSA-vcqg-3p29-xw73",
            "severity": "CRITICAL",
            "summary": "Integer overflow in Pillow"
          },
          {
            "id": "GHSA-vj42-xq3r-hr3r",
            "severity": "HIGH",
            "summary": "Out-of-bounds reads in Pillow"
          },
          {
            "id": "GHSA-vqcj-wrf2-7v73",
            "severity": "HIGH",
            "summary": "Pillow Out-of-bounds Write"
          },
          {
            "id": "GHSA-w4vg-rf63-f3j3",
            "severity": "HIGH",
            "summary": "Arbitrary code using \"crafted image file\" approach affecting Pillow"
          },
          {
            "id": "GHSA-x895-2wrm-hvp7",
            "severity": "HIGH",
            "summary": "PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles"
          },
          {
            "id": "GHSA-xrcv-f9gm-v42c",
            "severity": "MEDIUM",
            "summary": "Out-of-bounds Read in Pillow"
          },
          {
            "id": "PYSEC-2014-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-22",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-23",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-87",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-15",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2015-16",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-5",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-6",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-7",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2016-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-172",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-77",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-78",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-80",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-81",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-83",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-84",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-137",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-139",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-317",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-331",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-35",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-36",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-37",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-38",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-39",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-40",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-41",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-42",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-69",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-70",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-93",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-94",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-10",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-168",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-42979",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-175",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-227",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adif-mcp",
      "version": "1.0.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 19,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          },
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "adiona-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 14,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "adls2-mcp-server",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-m5vv-6r4h-3vj9"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "azure-identity": [
          {
            "id": "GHSA-m5vv-6r4h-3vj9",
            "severity": "MEDIUM",
            "summary": "Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability"
          }
        ]
      }
    },
    {
      "name": "admapix-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ad-material-mcp",
      "version": "0.1.4",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "ad-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "admin-gen-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adobe-cja-mcp",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 13,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adobe-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ado-mcp",
      "version": "0.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 23,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-8q59-q68h-6hv4"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "PyYAML": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ado-mcp-raboley",
      "version": "0.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 19,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "ado-workflows-mcp",
      "version": "0.11.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "adp-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aduib-mcp-router",
      "version": "1.1.14",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Prompt Injection": [
          "GHSA-8q59-q68h-6hv4"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "advanced-seo-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 30,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-55x5-fj6c-h6m8",
          "GHSA-wrxv-2j5q-m38w",
          "PYSEC-2021-852",
          "PYSEC-2022-230"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vfmq-68hx-4jfw"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc",
          "GHSA-57qw-cc2g-pv5p",
          "GHSA-jq4v-f5q6-mjqq",
          "GHSA-pgww-xf46-h92r",
          "GHSA-xp26-p53h-6h2p",
          "PYSEC-2014-9",
          "PYSEC-2018-12",
          "PYSEC-2021-19"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "lxml": [
          {
            "id": "GHSA-55x5-fj6c-h6m8",
            "severity": "MEDIUM",
            "summary": "lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through"
          },
          {
            "id": "GHSA-57qw-cc2g-pv5p",
            "severity": "MEDIUM",
            "summary": "lxml Cross-site Scripting Via Control Characters"
          },
          {
            "id": "GHSA-jq4v-f5q6-mjqq",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-Site Scripting"
          },
          {
            "id": "GHSA-pgww-xf46-h92r",
            "severity": "MEDIUM",
            "summary": "lxml vulnerable to Cross-site Scripting"
          },
          {
            "id": "GHSA-vfmq-68hx-4jfw",
            "severity": "HIGH",
            "summary": "lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files"
          },
          {
            "id": "GHSA-wrxv-2j5q-m38w",
            "severity": "MEDIUM",
            "summary": "lxml NULL Pointer Dereference allows attackers to cause a denial of service"
          },
          {
            "id": "GHSA-xp26-p53h-6h2p",
            "severity": "MEDIUM",
            "summary": "Improper Neutralization of Input During Web Page Generation in LXML"
          },
          {
            "id": "PYSEC-2014-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-12",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-19",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-852",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-230",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "adversary-mcp-server",
      "version": "1.11.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 96,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66",
          "GHSA-38fc-9xqv-7f7q",
          "GHSA-887w-45rq-vxgf",
          "GHSA-hfg2-wf6j-x53p",
          "PYSEC-2012-9",
          "PYSEC-2019-123",
          "PYSEC-2019-124",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62",
          "GHSA-qfc5-mcwq-26q8",
          "PYSEC-2019-41",
          "GHSA-8867-vpm3-g98g",
          "GHSA-p86x-652p-6385",
          "PYSEC-2019-181",
          "PYSEC-2019-182"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142",
          "GHSA-p3h7-3c45-qj4v",
          "PYSEC-2012-8"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j",
          "GHSA-3936-cmfr-pm3m"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj",
          "GHSA-q3cj-2r34-2cwc",
          "GHSA-8q59-q68h-6hv4"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-p3h7-3c45-qj4v",
          "PYSEC-2012-8"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "sqlalchemy": [
          {
            "id": "GHSA-38fc-9xqv-7f7q",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy is vulnerable to SQL Injection via group_by parameter"
          },
          {
            "id": "GHSA-887w-45rq-vxgf",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL Injection via order_by parameter"
          },
          {
            "id": "GHSA-hfg2-wf6j-x53p",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL injection"
          },
          {
            "id": "PYSEC-2012-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-123",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-124",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "psutil": [
          {
            "id": "GHSA-qfc5-mcwq-26q8",
            "severity": "HIGH",
            "summary": "Double Free in psutil"
          },
          {
            "id": "PYSEC-2019-41",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "keyring": [
          {
            "id": "GHSA-8867-vpm3-g98g",
            "severity": "HIGH",
            "summary": "Incorrect Default Permissions in keyring"
          },
          {
            "id": "GHSA-p3h7-3c45-qj4v",
            "severity": "HIGH",
            "summary": "Python Keyring does not securely initialize encryption cipher"
          },
          {
            "id": "GHSA-p86x-652p-6385",
            "severity": "HIGH",
            "summary": "Incorrect Default Permissions in keyring"
          },
          {
            "id": "PYSEC-2012-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-181",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-182",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "advisorfinder-mcp",
      "version": "1.1.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "adx-mcp-server",
      "version": "1.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 15,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Credential Scope": [
          "GHSA-vphc-468g-8rfp",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-m5vv-6r4h-3vj9"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [
        {
          "id": "GHSA-vphc-468g-8rfp",
          "severity": "HIGH",
          "summary": "Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries"
        }
      ],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "azure-identity": [
          {
            "id": "GHSA-m5vv-6r4h-3vj9",
            "severity": "MEDIUM",
            "summary": "Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability"
          }
        ]
      }
    },
    {
      "name": "aeba-mcp",
      "version": "0.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "aegis-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "Prompt Injection": [
          "GHSA-8q59-q68h-6hv4"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "PyYAML": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aemet-mcp",
      "version": "0.3.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aerodrome-swap-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 20,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "aesthetics-wiki-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "aevum-mcp",
      "version": "0.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "affinity-mcp",
      "version": "0.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-39ph-wr67-j4xq",
          "PYSEC-2022-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "loguru": [
          {
            "id": "GHSA-39ph-wr67-j4xq",
            "severity": "MEDIUM",
            "summary": "loguru logs sensitive information"
          },
          {
            "id": "PYSEC-2022-14",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "afo-mcp",
      "version": "0.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 14,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "ag2mcp",
      "version": "0.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "ag402-client-mcp",
      "version": "0.1.20",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "ag402-mcp",
      "version": "0.1.20",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 10,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "ageless-blender-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "agemcp",
      "version": "0.5.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 43,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-38fc-9xqv-7f7q",
          "GHSA-887w-45rq-vxgf",
          "GHSA-hfg2-wf6j-x53p",
          "PYSEC-2012-9",
          "PYSEC-2019-123",
          "PYSEC-2019-124",
          "GHSA-5545-2q6w-2gh6",
          "GHSA-f7c7-j99h-c22f",
          "GHSA-fpfv-jqm9-f5jm",
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1",
          "PYSEC-2018-33",
          "PYSEC-2018-34",
          "PYSEC-2021-856",
          "PYSEC-2021-857",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-2xpj-f5g2-8p7m",
          "PYSEC-2020-24",
          "GHSA-9fq2-x9r6-wfmf",
          "PYSEC-2019-108",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-2fc2-6r4j-p65h",
          "GHSA-cw6w-4rcx-xphc",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Tool Poisoning": [
          "GHSA-9fq2-x9r6-wfmf"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "asyncpg": [
          {
            "id": "GHSA-2xpj-f5g2-8p7m",
            "severity": "CRITICAL",
            "summary": "Asyncpg Arbitrary Code Execution Via Access to an Uninitialized Pointer"
          },
          {
            "id": "PYSEC-2020-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "sqlalchemy": [
          {
            "id": "GHSA-38fc-9xqv-7f7q",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy is vulnerable to SQL Injection via group_by parameter "
          },
          {
            "id": "GHSA-887w-45rq-vxgf",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL Injection via order_by parameter"
          },
          {
            "id": "GHSA-hfg2-wf6j-x53p",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL injection"
          },
          {
            "id": "PYSEC-2012-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-123",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-124",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "numpy": [
          {
            "id": "GHSA-2fc2-6r4j-p65h",
            "severity": "HIGH",
            "summary": "Numpy arbitrary file write via symlink attack"
          },
          {
            "id": "GHSA-5545-2q6w-2gh6",
            "severity": "HIGH",
            "summary": "NumPy NULL Pointer Dereference"
          },
          {
            "id": "GHSA-9fq2-x9r6-wfmf",
            "severity": "CRITICAL",
            "summary": "Numpy Deserialization of Untrusted Data"
          },
          {
            "id": "GHSA-cw6w-4rcx-xphc",
            "severity": "HIGH",
            "summary": "Arbitrary file write in NumPy"
          },
          {
            "id": "GHSA-f7c7-j99h-c22f",
            "severity": "MEDIUM",
            "summary": "Buffer Copy without Checking Size of Input in NumPy"
          },
          {
            "id": "GHSA-fpfv-jqm9-f5jm",
            "severity": "MEDIUM",
            "summary": "Incorrect Comparison in NumPy"
          },
          {
            "id": "GHSA-frgw-fgh6-9g52",
            "severity": "HIGH",
            "summary": "Numpy missing input validation"
          },
          {
            "id": "PYSEC-2017-1",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-33",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-34",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-108",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-856",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-857",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "age_mcp_server",
      "version": "0.2.48",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agent-analytics-mcp-server",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentanycast-mcp",
      "version": "0.7.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agent-audit-logger-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agent-audit-trail-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agentauth-mcp",
      "version": "0.0.1.dev0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "agentauth-mcp-server",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentbrain-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 17,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-bus-mcp",
      "version": "0.5.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 23,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-5545-2q6w-2gh6",
          "GHSA-f7c7-j99h-c22f",
          "GHSA-fpfv-jqm9-f5jm",
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1",
          "PYSEC-2018-33",
          "PYSEC-2018-34",
          "PYSEC-2021-856",
          "PYSEC-2021-857"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-9fq2-x9r6-wfmf",
          "PYSEC-2019-108"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-2fc2-6r4j-p65h",
          "GHSA-cw6w-4rcx-xphc"
        ],
        "Tool Poisoning": [
          "GHSA-9fq2-x9r6-wfmf"
        ],
        "Prompt Injection": [
          "GHSA-frgw-fgh6-9g52",
          "PYSEC-2017-1"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "numpy": [
          {
            "id": "GHSA-2fc2-6r4j-p65h",
            "severity": "HIGH",
            "summary": "Numpy arbitrary file write via symlink attack"
          },
          {
            "id": "GHSA-5545-2q6w-2gh6",
            "severity": "HIGH",
            "summary": "NumPy NULL Pointer Dereference"
          },
          {
            "id": "GHSA-9fq2-x9r6-wfmf",
            "severity": "CRITICAL",
            "summary": "Numpy Deserialization of Untrusted Data"
          },
          {
            "id": "GHSA-cw6w-4rcx-xphc",
            "severity": "HIGH",
            "summary": "Arbitrary file write in NumPy"
          },
          {
            "id": "GHSA-f7c7-j99h-c22f",
            "severity": "MEDIUM",
            "summary": "Buffer Copy without Checking Size of Input in NumPy"
          },
          {
            "id": "GHSA-fpfv-jqm9-f5jm",
            "severity": "MEDIUM",
            "summary": "Incorrect Comparison in NumPy"
          },
          {
            "id": "GHSA-frgw-fgh6-9g52",
            "severity": "HIGH",
            "summary": "Numpy missing input validation"
          },
          {
            "id": "PYSEC-2017-1",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-33",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-34",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-108",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-856",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-857",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentcard-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agent-chat-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agent-chatroom-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-coding-standards-mcp",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "agent-commerce-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "agent-commerce-payments-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agent-context-optimizer-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-coordination-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentcore-mcp-proxy",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 23,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-q3cj-2r34-2cwc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-752w-5fwx-jx9f",
          "GHSA-r9jw-mwhq-wp62",
          "PYSEC-2017-24"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43",
          "GHSA-752w-5fwx-jx9f"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyjwt": [
          {
            "id": "GHSA-752w-5fwx-jx9f",
            "severity": "HIGH",
            "summary": "PyJWT accepts unknown `crit` header extensions"
          },
          {
            "id": "GHSA-r9jw-mwhq-wp62",
            "severity": "HIGH",
            "summary": "PyJWT vulnerable to key confusion attacks"
          },
          {
            "id": "PYSEC-2017-24",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentcraft-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 49,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-8q59-q68h-6hv4",
          "GHSA-rprw-h62v-c2w7",
          "PYSEC-2018-49",
          "PYSEC-2021-142"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j"
        ],
        "Prompt Injection": [
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-8q59-q68h-6hv4"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pyyaml": [
          {
            "id": "GHSA-8q59-q68h-6hv4",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in PyYAML"
          },
          {
            "id": "GHSA-rprw-h62v-c2w7",
            "severity": "CRITICAL",
            "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution"
          },
          {
            "id": "PYSEC-2018-49",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-142",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-delegation-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agent-deploy-mcp",
      "version": "0.1.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-directory-mcp-server",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentdrive-mcp",
      "version": "0.1.7",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agent-eval-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentfactory-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 27,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-38fc-9xqv-7f7q",
          "GHSA-887w-45rq-vxgf",
          "GHSA-hfg2-wf6j-x53p",
          "PYSEC-2012-9",
          "PYSEC-2019-123",
          "PYSEC-2019-124",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "sqlalchemy": [
          {
            "id": "GHSA-38fc-9xqv-7f7q",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy is vulnerable to SQL Injection via group_by parameter"
          },
          {
            "id": "GHSA-887w-45rq-vxgf",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL Injection via order_by parameter"
          },
          {
            "id": "GHSA-hfg2-wf6j-x53p",
            "severity": "CRITICAL",
            "summary": "SQLAlchemy vulnerable to SQL injection"
          },
          {
            "id": "PYSEC-2012-9",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-123",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-124",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-feedback-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentfetch-mcp",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 15,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-jrm6-h9cq-8gqw",
          "GHSA-xcjx-m2pj-8g79"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "PYSEC-2022-194"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "pypdf2": [
          {
            "id": "GHSA-jrm6-h9cq-8gqw",
            "severity": "MEDIUM",
            "summary": "PyPDF2 quadratic runtime with malformed PDF missing xref marker"
          },
          {
            "id": "GHSA-xcjx-m2pj-8g79",
            "severity": "MEDIUM",
            "summary": "Manipulated inline images can cause Infinite Loop in PyPDF2"
          },
          {
            "id": "PYSEC-2022-194",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-genesis-mcp",
      "version": "1.4.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 21,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agent-handoff-certified-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agenthotspot-mcp",
      "version": "1.0.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 11,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentic-ai-mcp",
      "version": "0.6.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 54,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-45pg-36p6-83v9",
          "GHSA-7q94-qpjr-xpgm",
          "PYSEC-2023-110",
          "PYSEC-2024-115",
          "PYSEC-2024-118",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2qmj-7962-cjq8",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-57fc-8q82-gfp3",
          "GHSA-6643-h7h5-x9wh",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-7gfq-f96f-g85j",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-92j5-3459-qgp4",
          "GHSA-f73w-4m7g-ch9x",
          "GHSA-fj32-q626-pjjc",
          "GHSA-fprp-p869-w6q2",
          "GHSA-gwqq-6vq7-5j86",
          "GHSA-h59x-p739-982c",
          "GHSA-prgp-w7vf-ch62",
          "GHSA-rgp8-pm28-3759",
          "GHSA-x32c-59v5-h7fg",
          "PYSEC-2023-109",
          "PYSEC-2023-138",
          "PYSEC-2023-145",
          "PYSEC-2023-146",
          "PYSEC-2023-147",
          "PYSEC-2023-151",
          "PYSEC-2023-162",
          "PYSEC-2023-18",
          "PYSEC-2023-91",
          "PYSEC-2023-92",
          "PYSEC-2023-98",
          "PYSEC-2024-118",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844",
          "GHSA-r7w7-9xr2-qq2r",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-g48c-2wqr-h844",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-h59x-p739-982c",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-45pg-36p6-83v9",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-fprp-p869-w6q2",
          "PYSEC-2023-18",
          "PYSEC-2024-115",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Output Weaponization": [
          "GHSA-45pg-36p6-83v9",
          "GHSA-655w-fm8m-m478",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-h9j7-5xvc-qhg5",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2023-205",
          "PYSEC-2024-115",
          "GHSA-r7w7-9xr2-qq2r",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-h59x-p739-982c",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2024-43",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Tool Poisoning": [
          "GHSA-g48c-2wqr-h844"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "langchain": [
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langgraph": [
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          }
        ],
        "langchain-openai": [
          {
            "id": "GHSA-r7w7-9xr2-qq2r",
            "severity": "LOW",
            "summary": "langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentic-audit-mcp",
      "version": "0.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agenticcalling-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 13,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-2c2j-9gv5-cj73",
          "GHSA-74m5-2c7w-9w3x",
          "GHSA-f96h-pmfr-66vw",
          "PYSEC-2023-48",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-f96h-pmfr-66vw",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "starlette": [
          {
            "id": "GHSA-2c2j-9gv5-cj73",
            "severity": "MEDIUM",
            "summary": "Starlette has possible denial-of-service vector when parsing large files in multipart forms"
          },
          {
            "id": "GHSA-74m5-2c7w-9w3x",
            "severity": "HIGH",
            "summary": "MultipartParser denial of service with too many fields or files"
          },
          {
            "id": "GHSA-f96h-pmfr-66vw",
            "severity": "HIGH",
            "summary": "Starlette Denial of service (DoS) via multipart/form-data"
          },
          {
            "id": "PYSEC-2023-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentic-mcp",
      "version": "2.0.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentic-product-protocol-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentic-store-mcp",
      "version": "1.0.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 42,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-462w-v97r-4m45",
          "GHSA-8r7q-cvjq-x353",
          "GHSA-cpwx-vrp4-4pq7",
          "GHSA-fqh9-2qgg-h84h",
          "GHSA-g3rq-g295-4j3m",
          "GHSA-hj2j-77xm-mc5v",
          "GHSA-q2x7-8rv6-6q7h",
          "PYSEC-2014-8",
          "PYSEC-2014-82",
          "PYSEC-2019-217",
          "PYSEC-2019-220",
          "PYSEC-2021-66",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "GHSA-8867-vpm3-g98g",
          "GHSA-p86x-652p-6385",
          "PYSEC-2019-181",
          "PYSEC-2019-182",
          "GHSA-22gh-3r9q-xf38",
          "GHSA-527g-3w9m-29hv",
          "GHSA-63cx-g855-hvv4",
          "GHSA-6m53-c78q-7qmg",
          "GHSA-gcx2-gvj7-pxv3",
          "PYSEC-2018-56"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "PYSEC-2024-38",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-p3h7-3c45-qj4v",
          "PYSEC-2012-8",
          "GHSA-wg33-5h85-7q5p",
          "PYSEC-2021-328",
          "PYSEC-2022-170"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-h5c8-rqwp-cp95",
          "GHSA-h75v-3vvj-5mfj"
        ],
        "Credential Scope": [
          "GHSA-p3h7-3c45-qj4v",
          "PYSEC-2012-8"
        ],
        "Privilege Escalation": [
          "GHSA-wg33-5h85-7q5p"
        ],
        "Output Weaponization": [
          "GHSA-wg33-5h85-7q5p"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "jinja2": [
          {
            "id": "GHSA-462w-v97r-4m45",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape via string formatting"
          },
          {
            "id": "GHSA-8r7q-cvjq-x353",
            "severity": "HIGH",
            "summary": "Incorrect Privilege Assignment in Jinja2"
          },
          {
            "id": "GHSA-cpwx-vrp4-4pq7",
            "severity": "MEDIUM",
            "summary": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"
          },
          {
            "id": "GHSA-fqh9-2qgg-h84h",
            "severity": "MEDIUM",
            "summary": "Insecure Temporary File in Jinja2"
          },
          {
            "id": "GHSA-g3rq-g295-4j3m",
            "severity": "MEDIUM",
            "summary": "Regular Expression Denial of Service (ReDoS) in Jinja2"
          },
          {
            "id": "GHSA-h5c8-rqwp-cp95",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-h75v-3vvj-5mfj",
            "severity": "MEDIUM",
            "summary": "Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter"
          },
          {
            "id": "GHSA-hj2j-77xm-mc5v",
            "severity": "HIGH",
            "summary": "Jinja2 sandbox escape vulnerability"
          },
          {
            "id": "GHSA-q2x7-8rv6-6q7h",
            "severity": "MEDIUM",
            "summary": "Jinja has a sandbox breakout through indirect reference to format method"
          },
          {
            "id": "PYSEC-2014-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-82",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-217",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-220",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-66",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "keyring": [
          {
            "id": "GHSA-8867-vpm3-g98g",
            "severity": "HIGH",
            "summary": "Incorrect Default Permissions in keyring"
          },
          {
            "id": "GHSA-p3h7-3c45-qj4v",
            "severity": "HIGH",
            "summary": "Python Keyring does not securely initialize encryption cipher"
          },
          {
            "id": "GHSA-p86x-652p-6385",
            "severity": "HIGH",
            "summary": "Incorrect Default Permissions in keyring"
          },
          {
            "id": "PYSEC-2012-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-181",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2019-182",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "mitmproxy": [
          {
            "id": "GHSA-22gh-3r9q-xf38",
            "severity": "CRITICAL",
            "summary": "Lacking Protection against HTTP Request Smuggling in mitmproxy"
          },
          {
            "id": "GHSA-527g-3w9m-29hv",
            "severity": "MEDIUM",
            "summary": "mitmproxy has an LDAP Injection"
          },
          {
            "id": "GHSA-63cx-g855-hvv4",
            "severity": "MEDIUM",
            "summary": "mitmproxy binaries embed a vulnerable python-hyper/h2 dependency"
          },
          {
            "id": "GHSA-6m53-c78q-7qmg",
            "severity": "CRITICAL",
            "summary": "Mitmweb in mitmproxy allows DNS Rebinding attacks"
          },
          {
            "id": "GHSA-gcx2-gvj7-pxv3",
            "severity": "CRITICAL",
            "summary": "Insufficient Protection against HTTP Request Smuggling in mitmproxy"
          },
          {
            "id": "GHSA-wg33-5h85-7q5p",
            "severity": "HIGH",
            "summary": "Mitmweb API Authentication Bypass Using Proxy Server"
          },
          {
            "id": "PYSEC-2018-56",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-328",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2022-170",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentic-testing-mcp",
      "version": "1.1.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 17,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentictrade-mcp",
      "version": "0.1.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agenticwerx-mcp-client",
      "version": "1.5.3",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 12,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Supply Chain": [
          "GHSA-7q25-qrjw-6fg2"
        ],
        "Anti-Forensics": [
          "PYSEC-2020-101"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          },
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "safety": [
          {
            "id": "GHSA-7q25-qrjw-6fg2",
            "severity": "MEDIUM",
            "summary": "Malicious package may avoid detection in python auditing"
          },
          {
            "id": "PYSEC-2020-101",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-identity-mcp-server",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 9,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-mf9w-mj56-hr94"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ]
      }
    },
    {
      "name": "agent-identity-trust-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agent-insurance-mcp-server",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-knowledge-mcp",
      "version": "2.2.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 27,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agent-knowledge-mcp-fastmcp",
      "version": "2.2.2",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 27,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-652x-xj99-gmcc",
          "GHSA-9wx4-h78v-vm56",
          "GHSA-gc5v-m9x4-r6x2",
          "PYSEC-2014-14",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-9hjg-9r4m-mvj7",
          "GHSA-cfj3-7x9c-4p3h",
          "GHSA-x84v-xcm2-53pg",
          "PYSEC-2014-13",
          "PYSEC-2018-28",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "requests": [
          {
            "id": "GHSA-652x-xj99-gmcc",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-9hjg-9r4m-mvj7",
            "severity": "MEDIUM",
            "summary": "Requests vulnerable to .netrc credentials leak via malicious URLs"
          },
          {
            "id": "GHSA-9wx4-h78v-vm56",
            "severity": "MEDIUM",
            "summary": "Requests `Session` object does not verify requests after making first request with verify=False"
          },
          {
            "id": "GHSA-cfj3-7x9c-4p3h",
            "severity": "MEDIUM",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor in Requests"
          },
          {
            "id": "GHSA-gc5v-m9x4-r6x2",
            "severity": "MEDIUM",
            "summary": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"
          },
          {
            "id": "GHSA-x84v-xcm2-53pg",
            "severity": "HIGH",
            "summary": "Insufficiently Protected Credentials in Requests"
          },
          {
            "id": "PYSEC-2014-13",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2014-14",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2018-28",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentlens-mcp",
      "version": "0.2.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 5,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentline-mcp",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    },
    {
      "name": "agentmail-mcp",
      "version": "0.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 19,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-345p-7cg4-v4c7",
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Infrastructure & Runtime": [
          "GHSA-8r9q-7v3j-jr4g",
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Credential Scope": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "@modelcontextprotocol/sdk": [
          {
            "id": "GHSA-345p-7cg4-v4c7",
            "severity": "HIGH",
            "summary": "@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse"
          },
          {
            "id": "GHSA-8r9q-7v3j-jr4g",
            "severity": "HIGH",
            "summary": "Anthropic's MCP TypeScript SDK has a ReDoS vulnerability"
          }
        ],
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          },
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentmakemcp",
      "version": "0.0.9",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agentman-mcp",
      "version": "0.1.6",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 4,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-3936-cmfr-pm3m"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-mcp",
      "version": "0.1.8",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 121,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-7gpw-8wmc-pm8g",
          "GHSA-45pg-36p6-83v9",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-fprp-p869-w6q2",
          "PYSEC-2023-18",
          "PYSEC-2024-115",
          "GHSA-q3cj-2r34-2cwc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-2vrm-gr82-f7m5",
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-45c4-8wx5-qw6w",
          "GHSA-5m98-qgg9-wh84",
          "GHSA-63hf-3vf5-4wqf",
          "GHSA-69f9-5gxw-wvc2",
          "GHSA-6jhg-hg63-jvvf",
          "GHSA-6mq8-rvhq-8wgg",
          "GHSA-8495-4g3g-x7pr",
          "GHSA-9548-qrrj-x5pj",
          "GHSA-966j-vmvw-g2g9",
          "GHSA-c427-h43c-vf67",
          "GHSA-fh55-r93g-j68g",
          "GHSA-g84x-mcqj-x9qq",
          "GHSA-hcc4-c3v8-rx92",
          "GHSA-jj3x-wxrx-4x23",
          "GHSA-m5qp-6w8w-w647",
          "GHSA-mqqc-3gqh-h2x8",
          "GHSA-mwh4-6h8g-pg8w",
          "GHSA-pjjw-qhg8-p2p9",
          "GHSA-q3qx-c6g2-7pw2",
          "GHSA-qvrw-v9rv-5rjx",
          "GHSA-w2fm-2cpv-w7v5",
          "PYSEC-2023-120",
          "PYSEC-2023-246",
          "PYSEC-2023-250",
          "PYSEC-2023-251",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-8h2j-cgx8-6xv7",
          "PYSEC-2021-100",
          "PYSEC-2024-38",
          "GHSA-6c5p-j8vq-pqhj",
          "GHSA-cjwg-qfpm-7377",
          "GHSA-w799-prg3-cx77",
          "PYSEC-2017-28",
          "PYSEC-2024-232",
          "PYSEC-2024-233",
          "GHSA-2jv5-9r88-3w3p",
          "GHSA-59g5-xgcq-4qw3",
          "GHSA-mj87-hwqh-73pj",
          "GHSA-f97h-2pfx-f59f",
          "PYSEC-2020-151",
          "PYSEC-2018-79",
          "GHSA-fj7x-q9j7-g6q6",
          "PYSEC-2024-48",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-45pg-36p6-83v9",
          "GHSA-7q94-qpjr-xpgm",
          "PYSEC-2023-110",
          "PYSEC-2024-115",
          "PYSEC-2024-118",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62"
        ],
        "Code Execution": [
          "GHSA-3wq7-rqq7-wx6j",
          "GHSA-54jq-c3m8-4m76",
          "GHSA-8qpw-xqxj-h4r2",
          "GHSA-gfw2-4jvh-wgfg",
          "GHSA-p998-jp59-783m",
          "PYSEC-2024-26",
          "PYSEC-2024-38",
          "GHSA-cjwg-qfpm-7377",
          "PYSEC-2024-233",
          "GHSA-2jv5-9r88-3w3p",
          "GHSA-33c7-2mpw-hg34",
          "PYSEC-2020-150",
          "GHSA-2qmj-7962-cjq8",
          "GHSA-3hjh-jh2h-vrg6",
          "GHSA-57fc-8q82-gfp3",
          "GHSA-6643-h7h5-x9wh",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-7gfq-f96f-g85j",
          "GHSA-8h5w-f6q9-wg35",
          "GHSA-92j5-3459-qgp4",
          "GHSA-f73w-4m7g-ch9x",
          "GHSA-fj32-q626-pjjc",
          "GHSA-fprp-p869-w6q2",
          "GHSA-gwqq-6vq7-5j86",
          "GHSA-h59x-p739-982c",
          "GHSA-prgp-w7vf-ch62",
          "GHSA-rgp8-pm28-3759",
          "GHSA-x32c-59v5-h7fg",
          "PYSEC-2023-109",
          "PYSEC-2023-138",
          "PYSEC-2023-145",
          "PYSEC-2023-146",
          "PYSEC-2023-147",
          "PYSEC-2023-151",
          "PYSEC-2023-162",
          "PYSEC-2023-18",
          "PYSEC-2023-91",
          "PYSEC-2023-92",
          "PYSEC-2023-98",
          "PYSEC-2024-118",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844",
          "GHSA-r7w7-9xr2-qq2r",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43",
          "GHSA-h5gc-rm8j-5gpr",
          "GHSA-q25c-c977-4cmh",
          "PYSEC-2025-70",
          "GHSA-q4xr-rc97-m4xx",
          "PYSEC-2021-858"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-54jq-c3m8-4m76",
          "GHSA-xx9p-xxvh-7g8j",
          "GHSA-wp53-j4wj-2cfg",
          "GHSA-3936-cmfr-pm3m",
          "GHSA-h59x-p739-982c",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2024-43"
        ],
        "Credential Scope": [
          "GHSA-p998-jp59-783m",
          "GHSA-mf9w-mj56-hr94",
          "GHSA-cjwg-qfpm-7377",
          "PYSEC-2024-233",
          "GHSA-8ch4-58qp-g3mp",
          "PYSEC-2021-95",
          "GHSA-h59x-p739-982c",
          "PYSEC-2024-43",
          "GHSA-g48c-2wqr-h844",
          "GHSA-q25c-c977-4cmh"
        ],
        "Output Weaponization": [
          "GHSA-p998-jp59-783m",
          "GHSA-v6wp-4m6f-gcjg",
          "GHSA-xx9p-xxvh-7g8j",
          "PYSEC-2021-76",
          "PYSEC-2023-247",
          "GHSA-45pg-36p6-83v9",
          "GHSA-655w-fm8m-m478",
          "GHSA-6h8p-4hx9-w66c",
          "GHSA-h9j7-5xvc-qhg5",
          "GHSA-rgp8-pm28-3759",
          "PYSEC-2023-205",
          "PYSEC-2024-115",
          "GHSA-r7w7-9xr2-qq2r",
          "GHSA-h5gc-rm8j-5gpr",
          "GHSA-pc6w-59fv-rh23",
          "GHSA-q25c-c977-4cmh",
          "PYSEC-2025-70"
        ],
        "Privilege Escalation": [
          "GHSA-mf9w-mj56-hr94",
          "GHSA-g48c-2wqr-h844"
        ],
        "Tool Poisoning": [
          "GHSA-g48c-2wqr-h844",
          "GHSA-f2jm-rw3h-6phg"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "aiohttp": [
          {
            "id": "GHSA-2vrm-gr82-f7m5",
            "severity": "LOW",
            "summary": "AIOHTTP has CRLF injection through multipart part content type header construction"
          },
          {
            "id": "GHSA-3wq7-rqq7-wx6j",
            "severity": "LOW",
            "summary": "AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS"
          },
          {
            "id": "GHSA-45c4-8wx5-qw6w",
            "severity": "MEDIUM",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "GHSA-54jq-c3m8-4m76",
            "severity": "LOW",
            "summary": "AIOHTTP vulnerable to brute-force leak of internal static file path components"
          },
          {
            "id": "GHSA-5m98-qgg9-wh84",
            "severity": "HIGH",
            "summary": "aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests"
          },
          {
            "id": "GHSA-63hf-3vf5-4wqf",
            "severity": "LOW",
            "summary": "AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass"
          },
          {
            "id": "GHSA-69f9-5gxw-wvc2",
            "severity": "LOW",
            "summary": "AIOHTTP's unicode processing of header values could cause parsing discrepancies"
          },
          {
            "id": "GHSA-6jhg-hg63-jvvf",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to denial of service through large payloads"
          },
          {
            "id": "GHSA-6mq8-rvhq-8wgg",
            "severity": "HIGH",
            "summary": "AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb"
          },
          {
            "id": "GHSA-7gpw-8wmc-pm8g",
            "severity": "MEDIUM",
            "summary": "aiohttp Cross-site Scripting vulnerability on index pages for static file handling"
          },
          {
            "id": "GHSA-8495-4g3g-x7pr",
            "severity": "MEDIUM",
            "summary": "aiohttp allows request smuggling due to incorrect parsing of chunk extensions"
          },
          {
            "id": "GHSA-8qpw-xqxj-h4r2",
            "severity": "MEDIUM",
            "summary": "aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators"
          },
          {
            "id": "GHSA-9548-qrrj-x5pj",
            "severity": "LOW",
            "summary": "AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections"
          },
          {
            "id": "GHSA-966j-vmvw-g2g9",
            "severity": "LOW",
            "summary": "AIOHTTP leaks Cookie and Proxy-Authorization headers on cross-origin redirect"
          },
          {
            "id": "GHSA-c427-h43c-vf67",
            "severity": "MEDIUM",
            "summary": "AIOHTTP accepts duplicate Host headers"
          },
          {
            "id": "GHSA-fh55-r93g-j68g",
            "severity": "LOW",
            "summary": "AIOHTTP Vulnerable to Cookie Parser Warning Storm"
          },
          {
            "id": "GHSA-g84x-mcqj-x9qq",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS through chunked messages"
          },
          {
            "id": "GHSA-gfw2-4jvh-wgfg",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has problems in HTTP parser (the python one, not llhttp)"
          },
          {
            "id": "GHSA-hcc4-c3v8-rx92",
            "severity": "LOW",
            "summary": "AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector"
          },
          {
            "id": "GHSA-jj3x-wxrx-4x23",
            "severity": "MEDIUM",
            "summary": "AIOHTTP vulnerable to DoS when bypassing asserts"
          },
          {
            "id": "GHSA-m5qp-6w8w-w647",
            "severity": "MEDIUM",
            "summary": "AIOHTTP has a Multipart Header Size Bypass"
          },
          {
            "id": "GHSA-mqqc-3gqh-h2x8",
            "severity": "LOW",
            "summary": "AIOHTTP has unicode match groups in regexes for ASCII protocol elements"
          },
          {
            "id": "GHSA-mwh4-6h8g-pg8w",
            "severity": "LOW",
            "summary": "AIOHTTP has HTTP response splitting via \\r in reason phrase"
          },
          {
            "id": "GHSA-p998-jp59-783m",
            "severity": "MEDIUM",
            "summary": "AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows"
          },
          {
            "id": "GHSA-pjjw-qhg8-p2p9",
            "severity": "MEDIUM",
            "summary": "aiohttp has vulnerable dependency that is vulnerable to request smuggling"
          },
          {
            "id": "GHSA-q3qx-c6g2-7pw2",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via version"
          },
          {
            "id": "GHSA-qvrw-v9rv-5rjx",
            "severity": "MEDIUM",
            "summary": "aiohttp's ClientSession is vulnerable to CRLF injection via method"
          },
          {
            "id": "GHSA-v6wp-4m6f-gcjg",
            "severity": "LOW",
            "summary": "`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)"
          },
          {
            "id": "GHSA-w2fm-2cpv-w7v5",
            "severity": "MEDIUM",
            "summary": "aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage"
          },
          {
            "id": "GHSA-xx9p-xxvh-7g8j",
            "severity": "LOW",
            "summary": "Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks"
          },
          {
            "id": "PYSEC-2021-76",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-120",
            "severity": "UNKNOWN",
            "summary": "aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser"
          },
          {
            "id": "PYSEC-2023-246",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-247",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-250",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-251",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-26",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-dotenv": [
          {
            "id": "GHSA-mf9w-mj56-hr94",
            "severity": "MEDIUM",
            "summary": "python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback"
          }
        ],
        "fastapi": [
          {
            "id": "GHSA-8h2j-cgx8-6xv7",
            "severity": "HIGH",
            "summary": "Cross-Site Request Forgery (CSRF) in FastAPI"
          },
          {
            "id": "PYSEC-2021-100",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-38",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-jose": [
          {
            "id": "GHSA-6c5p-j8vq-pqhj",
            "severity": "CRITICAL",
            "summary": "python-jose algorithm confusion with OpenSSH ECDSA keys"
          },
          {
            "id": "GHSA-cjwg-qfpm-7377",
            "severity": "MEDIUM",
            "summary": "python-jose denial of service via compressed JWE content"
          },
          {
            "id": "GHSA-w799-prg3-cx77",
            "severity": "CRITICAL",
            "summary": "python-jose failure to use a constant time comparison for HMAC keys"
          },
          {
            "id": "PYSEC-2017-28",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-232",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-233",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "python-multipart": [
          {
            "id": "GHSA-2jv5-9r88-3w3p",
            "severity": "HIGH",
            "summary": "python-multipart vulnerable to Content-Type Header ReDoS"
          },
          {
            "id": "GHSA-59g5-xgcq-4qw3",
            "severity": "HIGH",
            "summary": "Denial of service (DoS) via deformation `multipart/form-data` boundary"
          },
          {
            "id": "GHSA-mj87-hwqh-73pj",
            "severity": "MEDIUM",
            "summary": "python-multipart affected by Denial of Service via large multipart preamble or epilogue data"
          },
          {
            "id": "GHSA-wp53-j4wj-2cfg",
            "severity": "HIGH",
            "summary": "Python-Multipart has Arbitrary File Write via Non-Default Configuration"
          }
        ],
        "uvicorn": [
          {
            "id": "GHSA-33c7-2mpw-hg34",
            "severity": "HIGH",
            "summary": "Log injection in uvicorn"
          },
          {
            "id": "GHSA-f97h-2pfx-f59f",
            "severity": "HIGH",
            "summary": "HTTP response splitting in uvicorn"
          },
          {
            "id": "PYSEC-2020-150",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2020-151",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "websockets": [
          {
            "id": "GHSA-8ch4-58qp-g3mp",
            "severity": "HIGH",
            "summary": "Observable Timing Discrepancy in aaugustin websockets library"
          },
          {
            "id": "PYSEC-2018-79",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-95",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "black": [
          {
            "id": "GHSA-3936-cmfr-pm3m",
            "severity": "HIGH",
            "summary": "Black: Arbitrary file writes from unsanitized user input in cache file name"
          },
          {
            "id": "GHSA-fj7x-q9j7-g6q6",
            "severity": "MEDIUM",
            "summary": "Black vulnerable to Regular Expression Denial of Service (ReDoS)"
          },
          {
            "id": "PYSEC-2024-48",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langchain": [
          {
            "id": "GHSA-2qmj-7962-cjq8",
            "severity": "CRITICAL",
            "summary": "langchain arbitrary code execution vulnerability"
          },
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-45pg-36p6-83v9",
            "severity": "LOW",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-57fc-8q82-gfp3",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-655w-fm8m-m478",
            "severity": "HIGH",
            "summary": "LangChain Server Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-6643-h7h5-x9wh",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-6h8p-4hx9-w66c",
            "severity": "HIGH",
            "summary": "Langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-7gfq-f96f-g85j",
            "severity": "CRITICAL",
            "summary": "langchain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-7q94-qpjr-xpgm",
            "severity": "HIGH",
            "summary": "langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-8h5w-f6q9-wg35",
            "severity": "CRITICAL",
            "summary": "Langchain SQL Injection vulnerability"
          },
          {
            "id": "GHSA-92j5-3459-qgp4",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-f73w-4m7g-ch9x",
            "severity": "CRITICAL",
            "summary": "Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library"
          },
          {
            "id": "GHSA-fj32-q626-pjjc",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-fprp-p869-w6q2",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to code injection"
          },
          {
            "id": "GHSA-gwqq-6vq7-5j86",
            "severity": "CRITICAL",
            "summary": "langchain Code Injection vulnerability"
          },
          {
            "id": "GHSA-h59x-p739-982c",
            "severity": "LOW",
            "summary": "LangChain directory traversal vulnerability"
          },
          {
            "id": "GHSA-h9j7-5xvc-qhg5",
            "severity": "LOW",
            "summary": "langchain Server-Side Request Forgery vulnerability"
          },
          {
            "id": "GHSA-prgp-w7vf-ch62",
            "severity": "CRITICAL",
            "summary": "LangChain vulnerable to arbitrary code execution"
          },
          {
            "id": "GHSA-rgp8-pm28-3759",
            "severity": "MEDIUM",
            "summary": "langchain vulnerable to path traversal"
          },
          {
            "id": "GHSA-x32c-59v5-h7fg",
            "severity": "CRITICAL",
            "summary": "Langchain OS Command Injection vulnerability"
          },
          {
            "id": "PYSEC-2023-109",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-110",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-138",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-145",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-146",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-147",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-151",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-162",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-18",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-205",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-91",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-92",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2023-98",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-115",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-118",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2024-43",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langgraph": [
          {
            "id": "GHSA-g48c-2wqr-h844",
            "severity": "MEDIUM",
            "summary": "LangGraph checkpoint loading has unsafe msgpack deserialization"
          }
        ],
        "langchain-openai": [
          {
            "id": "GHSA-r7w7-9xr2-qq2r",
            "severity": "LOW",
            "summary": "langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding"
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "langchain-community": [
          {
            "id": "GHSA-3hjh-jh2h-vrg6",
            "severity": "MEDIUM",
            "summary": "Denial of service in langchain-community"
          },
          {
            "id": "GHSA-f2jm-rw3h-6phg",
            "severity": "HIGH",
            "summary": "LangChain pickle deserialization of untrusted data"
          },
          {
            "id": "GHSA-h5gc-rm8j-5gpr",
            "severity": "HIGH",
            "summary": "LangChain Community SSRF vulnerability exists in RequestsToolkit component"
          },
          {
            "id": "GHSA-pc6w-59fv-rh23",
            "severity": "HIGH",
            "summary": "Langchain Community Vulnerable to XML External Entity (XXE) Attacks"
          },
          {
            "id": "GHSA-q25c-c977-4cmh",
            "severity": "MEDIUM",
            "summary": "Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever"
          },
          {
            "id": "PYSEC-2025-70",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "celery": [
          {
            "id": "GHSA-q4xr-rc97-m4xx",
            "severity": "HIGH",
            "summary": "OS Command Injection in celery"
          },
          {
            "id": "PYSEC-2021-858",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-mcp-framework",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 7,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agent-mcp-gateway",
      "version": "0.2.5",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 8,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agent_mcp_governance",
      "version": "3.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "agent-mcp-server",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 13,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-rcfx-77hg-w2wv",
          "GHSA-pjjw-68hj-v9mw"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733",
          "GHSA-8qf3-x8v5-2pj8",
          "GHSA-pqhf-p39g-3x64",
          "GHSA-w476-p2h3-79g9"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Prompt Injection": [
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Supply Chain": [
          "GHSA-8qf3-x8v5-2pj8",
          "GHSA-pqhf-p39g-3x64"
        ],
        "Anti-Forensics": [
          "GHSA-8qf3-x8v5-2pj8",
          "GHSA-pqhf-p39g-3x64"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ],
        "uv": [
          {
            "id": "GHSA-8qf3-x8v5-2pj8",
            "severity": "MEDIUM",
            "summary": "uv allows ZIP payload obfuscation through parsing differentials"
          },
          {
            "id": "GHSA-pjjw-68hj-v9mw",
            "severity": "LOW",
            "summary": "uv vulnerable to arbitrary file deletion through RECORD entries"
          },
          {
            "id": "GHSA-pqhf-p39g-3x64",
            "severity": "MEDIUM",
            "summary": "uv allows ZIP payload obfuscation through parsing differentials"
          },
          {
            "id": "GHSA-w476-p2h3-79g9",
            "severity": "LOW",
            "summary": "uv has differential in tar extraction with PAX headers"
          }
        ]
      }
    },
    {
      "name": "agent-memory-mcp",
      "version": "0.1.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 10,
      "max_severity": "CRITICAL",
      "tactic_exposure": {
        "Prompt Injection": [
          "GHSA-h8pj-cxx2-jfg2",
          "PYSEC-2022-183",
          "GHSA-mxxr-jv3v-6pgc"
        ],
        "Code Execution": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-c2jp-c369-7pvx",
          "GHSA-m8x7-r2rg-vh5g",
          "GHSA-rj5c-58rq-j5g5",
          "GHSA-rww4-4w9c-7733"
        ],
        "Credential Scope": [
          "GHSA-5h2m-4q8j-pqpj",
          "GHSA-vv7q-7jx5-f767"
        ],
        "Infrastructure & Runtime": [
          "GHSA-rcfx-77hg-w2wv"
        ],
        "Privilege Escalation": [
          "GHSA-rww4-4w9c-7733",
          "GHSA-vv7q-7jx5-f767"
        ],
        "RAG & Memory Poisoning": [
          "GHSA-vv7q-7jx5-f767"
        ],
        "Output Weaponization": [
          "GHSA-vv7q-7jx5-f767"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "httpx": [
          {
            "id": "GHSA-h8pj-cxx2-jfg2",
            "severity": "CRITICAL",
            "summary": "Improper Input Validation in httpx"
          },
          {
            "id": "PYSEC-2022-183",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "fastmcp": [
          {
            "id": "GHSA-5h2m-4q8j-pqpj",
            "severity": "HIGH",
            "summary": "FastMCP OAuth Proxy token reuse across MCP servers"
          },
          {
            "id": "GHSA-c2jp-c369-7pvx",
            "severity": "HIGH",
            "summary": "FastMCP Auth Integration Allows for Confused Deputy Account Takeover"
          },
          {
            "id": "GHSA-m8x7-r2rg-vh5g",
            "severity": "MEDIUM",
            "summary": "FastMCP has a Command Injection vulnerability - Gemini CLI"
          },
          {
            "id": "GHSA-mxxr-jv3v-6pgc",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to reflected XSS in client's callback page"
          },
          {
            "id": "GHSA-rcfx-77hg-w2wv",
            "severity": "HIGH",
            "summary": "FastMCP updated to MCP 1.23+ due to CVE-2025-66416"
          },
          {
            "id": "GHSA-rj5c-58rq-j5g5",
            "severity": "MEDIUM",
            "summary": "FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name"
          },
          {
            "id": "GHSA-rww4-4w9c-7733",
            "severity": "HIGH",
            "summary": "FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities"
          },
          {
            "id": "GHSA-vv7q-7jx5-f767",
            "severity": "CRITICAL",
            "summary": "FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability"
          }
        ]
      }
    },
    {
      "name": "agent-memory-mcp-server",
      "version": "0.1.1",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 6,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentmesh_mcp_proxy",
      "version": "3.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 1,
      "max_severity": "MEDIUM",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ]
      }
    },
    {
      "name": "agentmesh_mcp_receipts",
      "version": "3.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 17,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-6w46-j5rx-g56g",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62"
        ],
        "Code Execution": [
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43"
        ],
        "Prompt Injection": [
          "GHSA-q3cj-2r34-2cwc"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agentmesh-mcp-server",
      "version": "3.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 0,
      "max_severity": "NONE",
      "tactic_exposure": {},
      "direct_vulns": [],
      "dep_vulns": {}
    },
    {
      "name": "agentmesh_mcp_trust",
      "version": "3.3.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 15,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh",
          "GHSA-5jqp-qgf6-3pvh",
          "GHSA-mr82-8j83-vxmv",
          "PYSEC-2021-47",
          "GHSA-6w46-j5rx-g56g",
          "GHSA-3ww4-gg4f-jr7f",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-hggm-jpg3-v476",
          "GHSA-r6ph-v2qm-q3c2",
          "PYSEC-2017-8",
          "PYSEC-2021-62"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh",
          "GHSA-9v9h-cgj8-h64p",
          "GHSA-m959-cc7f-wv43"
        ],
        "Prompt Injection": [
          "GHSA-q3cj-2r34-2cwc"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ],
        "pydantic": [
          {
            "id": "GHSA-5jqp-qgf6-3pvh",
            "severity": "MEDIUM",
            "summary": "Use of \"infinity\" as an input to datetime and date fields causes infinite loop in pydantic"
          },
          {
            "id": "GHSA-mr82-8j83-vxmv",
            "severity": "MEDIUM",
            "summary": "Pydantic regular expression denial of service"
          },
          {
            "id": "PYSEC-2021-47",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ],
        "pytest": [
          {
            "id": "GHSA-6w46-j5rx-g56g",
            "severity": "MEDIUM",
            "summary": "pytest has vulnerable tmpdir handling"
          }
        ],
        "cryptography": [
          {
            "id": "GHSA-3ww4-gg4f-jr7f",
            "severity": "HIGH",
            "summary": "Python Cryptography package vulnerable to Bleichenbacher timing oracle attack"
          },
          {
            "id": "GHSA-9v9h-cgj8-h64p",
            "severity": "MEDIUM",
            "summary": "Null pointer dereference in PKCS12 parsing"
          },
          {
            "id": "GHSA-hggm-jpg3-v476",
            "severity": "HIGH",
            "summary": "RSA decryption vulnerable to Bleichenbacher timing vulnerability"
          },
          {
            "id": "GHSA-m959-cc7f-wv43",
            "severity": "LOW",
            "summary": "cryptography has incomplete DNS name constraint enforcement on peer names"
          },
          {
            "id": "GHSA-q3cj-2r34-2cwc",
            "severity": "HIGH",
            "summary": "Improper input validation in cryptography"
          },
          {
            "id": "GHSA-r6ph-v2qm-q3c2",
            "severity": "HIGH",
            "summary": "cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves"
          },
          {
            "id": "PYSEC-2017-8",
            "severity": "UNKNOWN",
            "summary": ""
          },
          {
            "id": "PYSEC-2021-62",
            "severity": "UNKNOWN",
            "summary": ""
          }
        ]
      }
    },
    {
      "name": "agent-negotiation-mcp",
      "version": "1.0.0",
      "ecosystem": "PyPI",
      "description": "",
      "github_url": "",
      "total_cves": 3,
      "max_severity": "HIGH",
      "tactic_exposure": {
        "Infrastructure & Runtime": [
          "GHSA-3qhf-m339-9g5v",
          "GHSA-j975-95f5-7wqh"
        ],
        "Code Execution": [
          "GHSA-9h52-p55h-vw2f",
          "GHSA-j975-95f5-7wqh"
        ]
      },
      "direct_vulns": [],
      "dep_vulns": {
        "mcp": [
          {
            "id": "GHSA-3qhf-m339-9g5v",
            "severity": "HIGH",
            "summary": "MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS"
          },
          {
            "id": "GHSA-9h52-p55h-vw2f",
            "severity": "HIGH",
            "summary": "Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default"
          },
          {
            "id": "GHSA-j975-95f5-7wqh",
            "severity": "HIGH",
            "summary": "MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service"
          }
        ]
      }
    }
  ]
}
