Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Vulnerability Keyword

Date Range

Severity

Format

Upgrade Package

Data export is locked. Upgrade your package to enable filtering and downloading.

← Back to CVE List

CVE-2025-49596NVD

Description

The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities.

Severity Level

CRITICAL (9.4)

Published Date

13/06/2025

Last Modified

09/07/2025

Exploitation Status

UNKNOWN

References

https://github.com/modelcontextprotocol/inspector/commit/50df0e1ec488f3983740b4d28d2a968f12eb8979
https://github.com/modelcontextprotocol/inspector/security/advisories/GHSA-7f8r-222p-6f5g
https://thenewstack.io/mcp-vulnerability-exposes-the-ai-untrusted-code-crisis
https://www.oligo.security/blog/critical-rce-vulnerability-in-anthropic-mcp-inspector-cve-2025-49596