CVE-2025-14542

Name of the Vulnerable Software and Affected Versions (affected versions not specified)

Description The issue occurs when a client retrieves a tools’ JSON specification, referred to as a Manual, from a remote Manual Endpoint. A provider can initially deliver a harmless manual, establishing client trust, but subsequently alter the manual to exploit the client. This allows a malicious provider to change the manual after the client has begun to trust the provider.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.