{"data":{"id":"b3ceb40e-ba83-46dc-bdcd-d7cf821f4bc3","title":"CVE-2026-13341: A vulnerability exists in the Kong Konnect Model Context Protocol (MCP) server prior to version 1.0.0, which could allow","summary":"CVE-2026-13341 is a vulnerability in Kong Konnect MCP (Model Context Protocol, a system for standardized communication between AI models and tools) server versions before 1.0.0 that allows remote attackers to perform prompt injection attacks (tricking the AI by hiding malicious instructions in input) and execute unintended API requests (commands to interact with web services).","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-13341","publishedAt":"2026-07-03T11:16:27.720Z","cveId":"CVE-2026-13341","cweIds":["CWE-20"],"cvssScore":"7.4","cvssSeverity":"high","severity":"high","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Kong","Kong Konnect","Model Context Protocol (MCP)"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-07-03T11:16:27.720Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0051"]}}