VYPR

npm package

@frontmcp/sdk

pkg:npm/%40frontmcp/sdk

Vulnerabilities (1)

  • CVE-2026-39885HigApr 8, 2026
    affected < 1.0.4fixed 1.0.4

    FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers