VYPR

npm package

@yoda.digital/gitlab-mcp-server

pkg:npm/%40yoda.digital/gitlab-mcp-server

Vulnerabilities (1)

  • CVE-2026-44895CriMay 26, 2026
    affected < 0.6.0fixed 0.6.0

    GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: * on every response. The structural defect is that the SSE server stands up a s