mcp
by Agenticmail
CVEs (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-50287 | hig | 0.38 | — | — | Jun 1, 2026 | # AgenticMail MCP HTTP authorization bypass ## Summary `@agenticmail/mcp` exposes a Streamable HTTP transport when started with `--http` or `MCP_HTTP=1`. In that mode, the `/mcp` endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a… |
- risk 0.38cvss —epss —
# AgenticMail MCP HTTP authorization bypass ## Summary `@agenticmail/mcp` exposes a Streamable HTTP transport when started with `--http` or `MCP_HTTP=1`. In that mode, the `/mcp` endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a…