PT-2026-53995 · Unknown · Presentmon
George Chen · Published 2026-06-30 · Updated 2026-06-30
CVE-2026-58446 · CVSS v3.1 6.5 (Medium) · Vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions
Presenton versions prior to 0.8.8-beta
Description
In server or Docker deployments using session authentication via AUTH_USERNAME and AUTH_PASSWORD, the bundled MCP server is accessible without authentication at the '/mcp' endpoint. This occurs because the nginx front-end fails to apply the auth_request gate to this specific path, and the MCP server automatically generates a valid internal session token for the configured user. A remote unauthenticated attacker can exploit this to invoke MCP tools, such as generate_presentation(), allowing them to perform authenticated actions, consume the operator's configured LLM API keys, and create presentations within the instance.
Recommendations
Update to version 0.8.8-beta or later.
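The front-end misconfiguration described above, shown beside its corrected form as an added illustration rather than Presenton's own nginx configuration: the upstream addresses, the internal /auth location and the session-check URL it proxies to are assumptions.

```nginx
# Added example, not the project's configuration. Assumed layout: the web
# app listens on 127.0.0.1:8000 and the bundled MCP server on 127.0.0.1:8001.
upstream app { server 127.0.0.1:8000; }
upstream mcp { server 127.0.0.1:8001; }

server {
    listen 80;

    # Internal subrequest that validates the session (assumed check URL).
    location = /auth {
        internal;
        proxy_pass              http://app/api/auth/check;
        proxy_pass_request_body off;
        proxy_set_header        Content-Length "";
        proxy_set_header        X-Original-URI $request_uri;
    }

    # Gated: requests here are first checked by the /auth subrequest.
    location / {
        auth_request /auth;
        proxy_pass   http://app;
    }

    # Weak form (the pattern in this advisory): a separate location for the
    # MCP endpoint that declares no auth_request. Sibling locations do not
    # inherit auth_request from "location /", so /mcp is reachable with no
    # session at all.
    # location /mcp {
    #     proxy_pass http://mcp;
    # }

    # Corrected form: the same gate applies to the MCP location.
    location /mcp {
        auth_request /auth;
        proxy_pass   http://mcp;
    }
}
```

A more robust layout declares `auth_request /auth;` once at `server` level so every location is gated by default, and opts out only the login endpoint with `auth_request off;`; after deploying, confirm that an unauthenticated request to /mcp returns 401.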
Weakness Enumeration
Missing Authentication
Affected Products
Presentmon