Mida

**Name of the Vulnerable Software and Affected Versions** AlejandroArciniegas mcp-data-vis versions up to de5a51525a69822290eaee569a1ab447b490746d **Description** An issue in the HTTP Request Handler component allows for server-side request forgery, which occurs when an attacker can induce the server to make requests to an unintended location. This can be triggered remotely through the `axios()` function located in the `src/servers/web-scraper/server.js` file. **Recommendations** As a temporary workaround, consider restricting the use of the `axios()` function in the `src/servers/web-scraper/server.js` file until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JoeCastrom mcp-chat-studio versions prior to 1.5.1 **Description** An issue exists in the LLM Models API component within the file 'server/routes/llm.js'. Manipulation of the `req.query.base url` argument allows for server-side request forgery, which is a flaw that enables an attacker to induce the server-side application to make requests to an unintended location. This can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** dexhunter kaggle-mcp versions prior to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d **Description** A path traversal issue exists in the `prepare kaggle dataset()` function within the `src/kaggle mcp/server.py` file. This flaw allows a remote attacker to perform path traversal by manipulating the `competition id` argument. Path traversal is a technique that allows an attacker to access files and directories that are stored outside the web root folder by manipulating variables that reference files with dot-dot-slash (../) sequences. **Recommendations** Update dexhunter kaggle-mcp to a version later than 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. As a temporary workaround, restrict or validate the input provided to the `competition id` argument in the `prepare kaggle dataset()` function to prevent the use of path traversal sequences.

**Name of the Vulnerable Software and Affected Versions** dh1011 auto-favicon versions up to f189116a9259950c2393f114dbcb94dde0ad864b **Description** An issue in the MCP Tool component allows remote attackers to perform server-side request forgery (SSRF), which is a flaw where a server is tricked into making unauthorized requests to internal or external resources. This occurs through the manipulation of the `image url` argument within the `generate favicon from url()` function located in the 'src/auto favicon/server.py' file. **Recommendations** As a temporary workaround, restrict access to or avoid using the `generate favicon from url()` function until a fix is provided.

**Name of the Vulnerable Software and Affected Versions** chatgpt-mcp-server versions prior to 0.1.1 **Description** An OS command injection flaw exists in the MCP/HTTP component within the `src/services/docker.service.ts` file. This issue allows unauthenticated remote attackers to achieve remote code execution via the Docker service component, which is designed to bridge Model Context Protocol (MCP) servers with Docker containers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `src/services/docker.service.ts` component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** choieastsea simple-openstack-mcp versions prior to 767b2f4a8154cca344344b9725537a58399e6036 **Description** An OS command injection flaw exists that allows remote attackers to execute arbitrary commands. The issue is located within the `exec openstack()` function of the `server.py` file. This flaw is currently under active exploitation. **Recommendations** Remove the package immediately. As a temporary workaround, consider restricting the use of the `exec openstack()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Intina47 context-sync versions prior to 2.0.0 **Description** A flaw in the Git Integration component, specifically within the `src/git-integration.ts` file, allows for remote OS command injection. This occurs when an attacker sends specially crafted data that the system executes as a system-level command. **Recommendations** Update to a version later than 2.0.0. As a temporary workaround, restrict access to the Git Integration component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AgentDeskAI browser-tools-mcp versions prior to 1.2.1 **Description** An issue exists in the processing of the file `browser-tools-server/browser-connector.ts` that allows a remote attacker to perform OS command injection, which is the execution of arbitrary operating system commands on the server. **Recommendations** Update to a version later than 1.2.0. As a temporary workaround, restrict access to the `browser-tools-server/browser-connector.ts` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BidingCC BuildingAI versions prior to 26.0.2 **Description** The Remote Upload API contains a server-side request forgery (SSRF) issue. This occurs when the `uploadRemoteFile()` function in the `packages/core/src/modules/upload/services/file-storage.service.ts` file fails to properly handle the `url` argument, allowing a remote attacker to initiate unauthorized requests from the server. **Recommendations** Update to a version later than 26.0.1. As a temporary workaround, restrict access to the `uploadRemoteFile()` function until a patch is applied.