CVE ID :CVE-2026-48989 Published : June 17, 2026, 9:02 p.m. | 6 hours, 6 minutes ago Description :Windows-MCP is an open-source project that integrates AI agents with Windows. In versions prior to 0.7.5, certain HTTP modes exposed the MCP control plane without authentication while enabling...

#Sicherheitslücke #Windows

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-48989 - Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS

VERWANDTEARTIKEL

Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch

CVE-2026-12569 - Remote Code Execution (RCE) vulnerability in Windchill PDMlink

Crypto Clipper uses Tor and worm-like propagation for persistence and control

CVE-2026-53676 - ThingsBoard Prototype Pollution

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

CVE-2026-50194 - Steeltoe vulnerable to management-port isolation bypass via spoofed Host header