v5.7.2 — Security Fix GHSA-r78r-rwrf-rjwp
Security Fix — GHSA-r78r-rwrf-rjwp / CVE-2026-46701
Severity: High (CWE-306 / CWE-862 — Missing Authentication, incomplete fix)
Credit: @SnailSploit
What was vulnerable
McpSseServer._isAuthorized() returned true when no secret was configured, granting every unauthenticated caller full access to all 22 MCP tools (blackboard_write, agent_spawn, config_set, token management, etc.). The bin/mcp-server.ts CLI path already exited on missing secret, but callers who instantiated McpSseServer directly from lib/ bypassed this guard entirely.
What changed
_isAuthorized()— now returnsfalse(fail closed) whensecretis empty. Requests are denied regardless of bind address.listen()— now rejects with a hardErrorifMcpSseServerOptions.secretis empty, preventing accidental open deployments.McpSseTransport— new optionalsecretconstructor parameter; attachesAuthorization: Bearerheader automatically when set.
Upgrade
npm install network-ai@5.7.2All callers that instantiate McpSseServer directly must pass a non-empty secret. For stdio mode (Claude Desktop / Cursor / Glama) use --stdio — McpSseServer is not involved.
Tests
All 3,136 tests pass. test-phase6.ts Section 7 updated to supply secrets to all authenticated endpoints.
Full changelog: https://github.com/Jovancoding/Network-AI/blob/main/CHANGELOG.md