MCP Server CVE Exposure Mapping and Public API Released

✍️ OpenClawRadar📅 Published: April 3, 2026🔗 Source
MCP Server CVE Exposure Mapping and Public API Released
Ad

MCP Server Security Analysis and Public API

Security researchers have analyzed thousands of MCP (Model Context Protocol) servers to map their dependency trees against known CVEs and security advisories. When you install an MCP server, you're inheriting its entire dependency tree, which may contain vulnerabilities.

Key Findings from the Analysis

  • A meaningful percentage of servers carry known vulnerabilities
  • Some servers accumulate dozens or 100+ CVEs through dependencies
  • Severity varies significantly - high CVE count doesn't necessarily mean high risk, and low count doesn't guarantee safety
  • Dependency sprawl is common across MCP servers
  • A large portion of these servers still appear on major MCP directories

Public API Details

The researchers built a public API that requires no API key: https://api.mistaike.ai/api/v1/public/cve-index

With this API, you can:

  • Search by repository name or server name
  • Filter results by vulnerability severity
  • Sort by CVE count or recency of vulnerabilities
Ad

Important Caveats

The presence of a CVE doesn't automatically mean it's exploitable. Some vulnerabilities exist in unused code paths, while others may already be mitigated. This tool provides visibility into supply chain risk rather than labeling projects as unsafe.

Next Phase: Runtime Behavior Analysis

The researchers are now analyzing what MCP servers actually do at runtime, including network calls and external dependencies. In a subset of servers analyzed so far (~5%), they've identified a small number of behaviors that may have privacy implications, including apparent use of invisible Unicode characters consistent with response watermarking. These observations are still under review, and the team is working to separate true positives from analysis artifacts before engaging with projects directly.

📖 Read the full source: r/ClaudeAI

Ad

👀 See Also

OneCLI: Open-Source Credential Vault for AI Agents
Security

OneCLI: Open-Source Credential Vault for AI Agents

OneCLI is an open-source gateway written in Rust that sits between AI agents and external services, injecting real credentials at request time while agents only see placeholder keys. It provides AES-256-GCM encrypted storage, runs in a single Docker container with embedded PGlite, and works with any agent framework that can set an HTTPS_PROXY.

OpenClawRadar
Domain-Camouflaged Injection Attacks Evade Detectors in Multi-Agent LLM Systems
Security

Domain-Camouflaged Injection Attacks Evade Detectors in Multi-Agent LLM Systems

A new paper shows injection payloads tailored to domain vocabulary evade detection, dropping IDR from 93.8% to 9.7%. Multi-agent debate amplifies attacks. Llama Guard 3 detects zero payloads.

OpenClawRadar
AgentSeal Security Scan Finds AI Agent Risks in Blender MCP Server
Security

AgentSeal Security Scan Finds AI Agent Risks in Blender MCP Server

AgentSeal scanned the Blender MCP server (17k stars) and identified several security issues relevant to AI agents, including arbitrary Python execution, potential file exfiltration chains, and prompt injection patterns in tool descriptions.

OpenClawRadar
820 Malicious Skills Found in OpenClaw's ClawHub Marketplace
Security

820 Malicious Skills Found in OpenClaw's ClawHub Marketplace

Security researchers identified 820 skills in OpenClaw's ClawHub marketplace containing confirmed malware including keyloggers, data-exfiltration scripts, and hidden shell commands. These skills can execute code and interact with the local environment, creating supply-chain security risks.

OpenClawRadar