A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Manipulating the argument media_paths results in server-side request forgery (SSRF). The attack may be initiated remotely....
A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. Manipulating the argument Request results in OS command injection. The attack may be launched remotely. The exploit ...
Admidio Sends SAML Response to Unvalidated Assertion Consumer Service URL from AuthnRequest
Admidio Ignores SAML Signature Validation Result, Processes Forged AuthnRequests and LogoutRequests
Admidio has Inverted 2FA Reset Authorization Check that Lets Group Leaders Strip Admin TOTP
n8n Vulnerable to XSS via MCP OAuth client
n8n's Credential Authorization Bypass in dynamic-node-parameters Allows Foreign API Key Replay
n8n has a Python Task Runner Sandbox Escape Vulnerability
n8n Vulnerable to Unauthenticated Denial of Service via MCP Client Registration
A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. Manipulating the argument detail causes relative path traversal. It is possible to initiat...
A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alte...
ipl/web is vulnerable to reflected XSS by malformed search requests
GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE
GoBGP has Remote Denial of Service (Panic) via Malformed Well-known Path Attribute
CI4MS has Unrestricted PHP File Upload via Theme Installation that Leads to Authenticated Remote Code Execution
PhpSpreadsheet has CPU Denial of Service via Unbounded Row Number in XLSX Row Dimensions
PhpSpreadsheet has CPU Denial of Service via Unbounded Row Index in SpreadsheetML XML Reader
PhpSpreadsheet has SSRF/RCE in IOFactory::load when $filename is user controlled
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length...
A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulation leads to path traversal. The attack can be launched remotely. The exploit has...
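Both the mcpo-simple-server entry (delete_shared_prompt) and the filesystem-mcp-server entry (is_path_allowed) above are relative path traversal in a Python MCP tool that maps a caller-supplied name onto the filesystem. The following is an added example illustrating that bug class and its fix; it is not code from either project, and the root directory /srv/mcp/data, the helper names and the naive check shown beside the hardened one are assumptions made for the illustration. The naive version, a string-prefix test on the joined path, is the pattern that typically fails: ".." segments and sibling directories that merely share a prefix both pass it. The hardened version resolves both sides and compares with os.path.commonpath, which rejects all of those cases.

```python
import os
from pathlib import Path

# Assumed configuration for the example: the only directory the tool may touch.
ALLOWED_ROOT = "/srv/mcp/data"


def is_path_allowed_naive(requested: str, root: str = ALLOWED_ROOT) -> bool:
    """Weak check (constructed to show the bug class, not either project's code).

    os.path.join(root, "../x") is "/srv/mcp/data/../x", which starts with the
    root string even though it escapes the directory, so this returns True.
    """
    return os.path.join(root, requested).startswith(root)


def is_path_allowed(requested: str, root: str = ALLOWED_ROOT) -> bool:
    """Hardened check: True only if `requested` resolves inside `root`.

    Relative names are anchored at root; absolute names are resolved as given
    so that "/etc/passwd" cannot slip through. Both sides are fully resolved
    (".." collapsed, symlinks followed where the path exists), then compared
    with os.path.commonpath, which is component-wise and therefore does not
    treat "/srv/mcp/data2" as being under "/srv/mcp/data".
    """
    try:
        root_real = Path(root).resolve()
        target = Path(requested)
        candidate = (target if target.is_absolute() else root_real / target).resolve()
        return os.path.commonpath([str(root_real), str(candidate)]) == str(root_real)
    except (OSError, ValueError):
        # ValueError: mixed absolute/relative or cross-drive paths; OSError:
        # unreadable intermediate components. Fail closed in both cases.
        return False


def resolve_in_root(requested: str, root: str = ALLOWED_ROOT) -> Path:
    """Return the resolved path to operate on, refusing anything outside root.

    Tools such as read_file/write_file/delete should call this instead of
    joining the user string themselves, so every file operation goes through
    the same containment decision.
    """
    if not is_path_allowed(requested, root):
        raise PermissionError(f"path escapes {root}: {requested!r}")
    target = Path(requested)
    root_real = Path(root).resolve()
    return (target if target.is_absolute() else root_real / target).resolve()


if __name__ == "__main__":
    # Constructed inputs: a benign name, two traversal attempts, and a
    # sibling-directory prefix collision.
    for name in ["notes/a.txt", "../etc/passwd", "/etc/passwd", "/srv/mcp/data2/x"]:
        print(f"{name!r}: naive={is_path_allowed_naive(name)} hardened={is_path_allowed(name)}")
```

The check is done on resolved paths rather than on the raw string because the attacker controls only the string; what matters is where the kernel will actually open the file. Keep the allowed root itself resolved once at startup if it may contain symlinks, and apply the same helper to every tool that touches the filesystem, not only to read and write.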