Security Advisories

Security research focused on Model Context Protocol (MCP) implementations and AI-assisted development tools.

Published Advisories

• Unauthorized Crypto Transactions Enabled by thirdweb MCP Server

  September 03, 2025 | mcp, cryptocurrency, network-security

  thirdweb MCP Server exposes unauthenticated SSE interface enabling unauthorized cryptocurrency transactions from victims' wallets.

• Grafana MCP Server Exposes Unauthenticated SSE Interface Enabling Remote Dashboard Manipulation

  September 02, 2025 | mcp, grafana, network-security

  Grafana MCP Server exposes unauthenticated SSE interface allowing network-level attackers to manipulate Grafana dashboards and access sensitive data.