Filtered by vendor Oatpp
Subscriptions
Filtered by product Mcp
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-6515 | 1 Oatpp | 1 Mcp | 2025-10-21 | 6.8 Medium |
| The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is not unique nor cryptographically secure. This allows network attackers with access to the oatpp-mcp server to guess future session IDs and hijack legitimate client MCP sessions, returning malicious responses from the oatpp-mcp server. | ||||
Page 1 of 1.