CNNVD-202510-741 Information
Oct 05, 2025
cve
CNNVD ID
CNNVD-202510-741
Related CVE
- CNNVD Published: 2025-10-05
Description (Chinese)
MCPHub是samanhappy个人开发者的一个MCP服务器管理工具。 MCPHub 0.9.10及之前版本存在安全漏洞,该漏洞源于对文件src/controllers/serverController.ts中参数baseUrl的错误操作,可能导致服务端请求伪造。
Description (English)
MCPHub is an MCP server management tool for the personal developer of samanhappy. MCPHUb 0.9.10 and previous versions contain a security loophole, which stems from a mishandling of the parameter BaseUrl in the src/controllers/serverController.ts, which may result in the forgery of service requests.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-05
Last Modified
2026-02-24
References
https://github.com/August829/YU1/issues/7 https://vuldb.com/?ctiid.327044 https://vuldb.com/?id.327044 https://vuldb.com/?submit.659744
Patch
https://github.com/samanhappy/mcphub/releases
Share on: