Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

go

github.com/modelcontextprotocol/registry

go

View on github.com · View on proxy.golang.org

Security Advisories for github.com/modelcontextprotocol/registry in go

Low
12 days ago

MCP Registry: OCI validator skips ownership check on upstream rate limits GSA_kwCzR0hTQS0ydjVmLTVyNnctcDY3cs4ABXGl

go github.com/modelcontextprotocol/registry
Moderate
22 days ago

MCP Registry has an unauthenticated SSRF: HTTP namespace verification dials 6to4 / NAT64 / site-local IPv6 addresses, bypassing private-address allowlist GSA_kwCzR0hTQS1yNDhjLXYyOHItcGY2ds4ABWfU

go github.com/modelcontextprotocol/registry
Moderate
22 days ago

MCP Registry vulnerable to stored XSS in catalogue UI via attribute-quote breakout in publisher-controlled `websiteUrl` GSA_kwCzR0hTQS1ycXYyLW02OTUtZjhqNM4ABWfT

go github.com/modelcontextprotocol/registry
Low
22 days ago

MCP Registry's GitHub OIDC tokens are replayable across registry deployments due to shared audience GSA_kwCzR0hTQS05NWMzLTZ2dnctNG1ycc4ABWfO

go github.com/modelcontextprotocol/registry
Moderate
23 days ago

MCP Registry has open redirect via protocol-relative path in trailing-slash middleware GSA_kwCzR0hTQS12OHZ3LWd3NWotdzdtNs4ABWfN

go github.com/modelcontextprotocol/registry

Filter by Severity

Moderate 3 Low 2