VYPR

Typescript Utcp

by Universal Tool Calling Protocol

Source repositories

CVEs (1)

  • CVE-2026-45366MedMay 28, 2026
    risk 0.31cvss 4.7epss 0.00

    typescript-utcp is a typescript implementation of UTCP. Prior to 1.1.2, the @utcp/http package is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. registerManual() validates the…