VYPR

npm package

mcp-from-openapi

pkg:npm/mcp-from-openapi

Vulnerabilities (1)

  • CVE-2026-39885HigApr 8, 2026
    affected < 2.3.0fixed 2.3.0

    FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers