Skip to content

v5.7.2 — Security Fix GHSA-r78r-rwrf-rjwp

Choose a tag to compare

@Jovancoding Jovancoding released this 23 May 14:58

Security Fix — GHSA-r78r-rwrf-rjwp / CVE-2026-46701

Severity: High (CWE-306 / CWE-862 — Missing Authentication, incomplete fix)
Credit: @SnailSploit

What was vulnerable

McpSseServer._isAuthorized() returned true when no secret was configured, granting every unauthenticated caller full access to all 22 MCP tools (blackboard_write, agent_spawn, config_set, token management, etc.). The bin/mcp-server.ts CLI path already exited on missing secret, but callers who instantiated McpSseServer directly from lib/ bypassed this guard entirely.

What changed

  • _isAuthorized() — now returns false (fail closed) when secret is empty. Requests are denied regardless of bind address.
  • listen() — now rejects with a hard Error if McpSseServerOptions.secret is empty, preventing accidental open deployments.
  • McpSseTransport — new optional secret constructor parameter; attaches Authorization: Bearer header automatically when set.

Upgrade

npm install network-ai@5.7.2

All callers that instantiate McpSseServer directly must pass a non-empty secret. For stdio mode (Claude Desktop / Cursor / Glama) use --stdioMcpSseServer is not involved.

Tests

All 3,136 tests pass. test-phase6.ts Section 7 updated to supply secrets to all authenticated endpoints.


Full changelog: https://github.com/Jovancoding/Network-AI/blob/main/CHANGELOG.md