CYBERHAWK / CVE / CVE-2026-10280

CVE-2026-10280

mcpilot

HIGH CVSS 7.3 ai

The flaw

Server-side request forgery vulnerability in MCP API call endpoint.

What to do

Replace with secure alternative or validate serverBaseUrl parameter

▸ Scan my repo for CVE-2026-10280

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-06-05 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits