CVE-2026-54504
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.8 / 10
Vulnerability Description
@andrea9293/mcp-documentation-server: Web UI API binds to all interfaces without authentication by default
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
@andrea9293/mcp-documentation-server
External References
- https://github.com/andrea9293/mcp-documentation-server/security/advisories/GHSA-6f5r-5672-72j7
- https://github.com/andrea9293/mcp-documentation-server/commit/37159d4e06b8ee50c3645b2496e3d3f6d32c47f9
- https://github.com/andrea9293/mcp-documentation-server/releases/tag/v1.13.1
- https://github.com/advisories/GHSA-6f5r-5672-72j7
Discussion (0)
Add Comment
No comments yet. Be the first!