CVE-2025-49596 – @modelcontextprotocol/inspector

Package

Manager: npm
Name: @modelcontextprotocol/inspector
Vulnerable Version: >=0 <0.14.1

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:H/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

EPSS: 0.00235 pctl0.46224

Details

MCP Inspector proxy server lacks authentication between the Inspector client and proxy Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities. Credit: Rémy Marot <bughunters@tenable.com>

Metadata

Created: 2025-06-13T22:15:26Z
Modified: 2025-07-09T20:18:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/06/GHSA-7f8r-222p-6f5g/GHSA-7f8r-222p-6f5g.json
CWE IDs: ["CWE-306"]
Alternative ID: GHSA-7f8r-222p-6f5g
Finding: F006
Auto approve: 1