VYPR

Oatpp Mcp

by Oatpp

Source repositories

CVEs (1)

  • CVE-2025-6515MedOct 20, 2025
    risk 0.44cvss 6.8epss 0.00

    The MCP SSE endpoint in oatpp-mcp returns an instance pointer as the session ID, which is not unique nor cryptographically secure. This allows network attackers with access to the oatpp-mcp server to guess future session IDs and hijack legitimate client MCP sessions, returning…