EUVD-2025-209433

ID: EUVD-2025-209433

Severity: medium

CVSS v4: 5.3 (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

MCPHub in versions below 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the name of other users and using their privileges.

Timestamps

Normalized: 2026-04-14T11:00:47Z UTC
Last updated: 2026-04-14T11:00:47Z UTC

References

No references provided.

VulnAI

EUVD-2025-209433

Description

Timestamps

References