Vendor
critical
advisory
MCPHub User Impersonation Vulnerability via Unauthenticated SSE Endpoint
2 rules 3 TTPs
MCPHub is vulnerable to user identity spoofing on the MCP transport layer; an unauthenticated network user can impersonate any user, including administrators, on SSE/MCP endpoints by providing the target username in the URL path, which allows execution of MCP tool calls under a spoofed user's identity, access to user-scoped resources and data, and poisoning of audit logs.
@samanhappy/mcphub
identity-spoofing
sse
mcp
unauthenticated-access
high
advisory
MCPHub Path Traversal Vulnerability via Malicious MCPB Manifest Name
2 rules 2 TTPs
MCPHub is vulnerable to path traversal, where a malicious MCPB file with a crafted manifest.name can cause files to be extracted to arbitrary locations due to missing sanitization in the upload handler.
@samanhappy/mcphub
path-traversal
web-application
mcphub