CNNVD-202510-740 Information
Oct 05, 2025
cve
CNNVD ID
CNNVD-202510-740
Related CVE
- CNNVD Published: 2025-10-05
Description (Chinese)
MCPHub是samanhappy个人开发者的一个MCP服务器管理工具。 MCPHub 0.9.10及之前版本存在安全漏洞,该漏洞源于sseService.ts文件中handleSseConnectionfunction函数身份验证不当,可能导致远程攻击。
Description (English)
MCPHub is an MCP server management tool for the personal developer of samanhappy. The MCPHUb 0.9.10 and previous versions have a security loophole, which stems from the improper identification of the HandleSseConnaction function in the sseService.ts document, which may lead to a remote attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-05
Last Modified
2026-02-24
References
https://github.com/August829/YU1/issues/8 https://vuldb.com/?ctiid.327045 https://vuldb.com/?id.327045 https://vuldb.com/?submit.661170
Patch
https://github.com/samanhappy/mcphub/releases
Share on: