CNNVD-202509-1046 Information

CNNVD ID

CNNVD-202509-1046

Related CVE

CVE-2025-58444

• CNNVD Published: 2025-09-08

Description (Chinese)

MCP inspector是一个用于调试MCP服务器的开发工具。 MCP inspector 0.16.6之前版本存在安全漏洞，该漏洞源于跨站脚本攻击，可能导致任意命令执行。

Description (English)

MCP inspector is a development tool for debugging the MCP server. There was a security loophole in the pre-MCP inspector 0.16 that originated in a cross-site script attack and could lead to arbitrary enforcement.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-08

Last Modified

2026-02-24

References

https://github.com/modelcontextprotocol/inspector/commit/650f3090d26344a672026b737d81586595bb1f60 https://github.com/modelcontextprotocol/inspector/security/advisories/GHSA-g9hg-qhmf-q45m https://access.redhat.com/security/cve/cve-2025-58444

Patch

https://github.com/modelcontextprotocol/inspector/releases