{"data":{"id":"aa1b2616-630b-4b86-aa47-88dc5fc86f9f","title":"GHSA-4gph-2hhr-5mwg: Envoy AI Proxy - MCP Message Smuggling Vulnerability","summary":"Envoy AI Gateway parses JSON-RPC messages (JSON-RPC is a protocol for remote procedure calls) with case-insensitive field-name matching, even though the specification requires case-sensitive matching. This allows attackers to send messages with duplicate fields that differ only in capitalization (like 'name' and 'Name'), causing the gateway to alter the request and forward something different from what was originally sent, potentially bypassing security checks in systems that use this gateway.","solution":"No workaround is discussed in the source. This record lists 0.6.0 as the fixed version of github.com/envoyproxy/ai-gateway (patchAvailable is true), so upgrade to 0.6.0 or later.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-4gph-2hhr-5mwg","publishedAt":"2026-05-19T16:18:14.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["rag_poisoning"],"issueType":"vulnerability","affectedPackages":["github.com/envoyproxy/ai-gateway@< 0.6.0 (fixed: 0.6.0)"],"affectedVendors":[],"affectedVendorsRaw":["Envoy AI Gateway","Model Context Protocol","modelcontextprotocol/go-sdk"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-05-19T16:18:14.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}