Eharris128

**Name of the Vulnerable Software and Affected Versions** vet versions prior to 1.12.5 **Description** The software is susceptible to a DNS rebinding attack because of missing HTTP `Host` and `Origin` header validation. When used as an MCP server in SSE mode with default ports, the `sqlite3` database containing scan data may be exposed to remote attackers. An attacker can leverage DNS rebinding to access the `vet` SSE server on `127.0.0.1` through a website and use MCP tools to read information from the report database. The vulnerable component is the SSE server. The API endpoint used for exploitation is not specified. The vulnerable parameters are the `Host` and `Origin` headers. **Recommendations** Update to version 1.12.5 or later. Use `stdio` transport for the SSE server.

**Name of the Vulnerable Software and Affected Versions** AgentAPI versions 0.3.3 and below **Description** AgentAPI, an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex, is susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the `/messages` endpoint served by the Agent API, potentially leading to the unauthorized exfiltration of sensitive user data, including local message history. This message history may contain secret keys, file system contents, and intellectual property. The issue is related to a lack of validation of the `Origin` and `Host` headers. **Recommendations** Upgrade to AgentAPI version 0.4.0 or later.