CYBERHAWK / CVE / CVE-2026-7417

CVE-2026-7417

xhs-mcp

HIGH CVSS 7.3 ai

The flaw

Server-side request forgery in content publishing via media_paths parameter.

What to do

Update to version > 0.8.11 when patch is available

▸ Scan my repo for CVE-2026-7417

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-01 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits