VYPR

npm package

network-ai

pkg:npm/network-ai

Vulnerabilities (1)

  • CVE-2026-42856HigMay 11, 2026
    affected < 5.1.3fixed 5.1.3

    Network-AI is a TypeScript/Node.js multi-agent orchestrator. Prior to 5.1.3, the MCP HTTP transport accepts JSON-RPC tools/call requests with no authentication, session, origin, or token check, and dispatches them directly to the orchestrator's tool registry. The default bind add