MCP

9 pieces of writing

MCP OAuth token persistence turns AI orchestration into a supply-chain trust boundary

MCP-based AI orchestration moves OAuth tokens, access grants and memory persistence into the same execution path. Credential handling is now the weakest link in the AI supply chain.

28 May 2026

vulnerability9 min read

getsentry/XcodeBuildMCP PR #289 hardens shell escaping in MCP tool execution

14 May 2026

vulnerability7 min read

Softeria ms-365-mcp-server PR #456 validates redirect_uri before Microsoft Entra forwarding

9 May 2026

vulnerability7 min read

mcp-searxng PR #71 fixed a CWE-1333 ReDoS in section extraction

mcp-searxng interpolated the user-controlled section parameter into a dynamically built regular expression, allowing a malicious MCP client to block the Node.js event loop.

29 April 2026

vulnerability6 min read

NVIDIA's RAG Blueprint had a path traversal in its MCP server. We got the fix merged in three days.

12 April 2026

security11 min read

Seven authentication bypasses that keep shipping in 2025 and 2026: the same architectural antipatterns, rewritten in new frameworks

7 April 2026

vulnerability5 min read

AIPex's localhost daemon let any website control your browser through a WebSocket

AIPex's MCP daemon on 127.0.0.1:9223 accepted WebSocket connections from any origin, letting malicious web pages invoke 30+ browser automation tools. A 39-line fix adds origin validation at the single upgrade handler.

3 April 2026

vulnerability7 min read

Every MCPHub instance started with the same admin password. I changed that.

30 March 2026

security12 min read

MCP gave AI tools a standard interface. Researchers found it was also an attack surface.

10 February 2026