GHSA-fj4g-2p96-q6m3: Network-AI missing authentication on MCP HTTP endpoint, which allows unauthenticated privileged tool calls
Summary
The Network-AI project has a critical vulnerability: its MCP HTTP endpoint (a server that handles tool requests) accepts requests without any authentication checks and binds to 0.0.0.0, so it listens on every network interface and is accessible from any network. Anyone who can reach the server can call privileged tools that read and modify the system's configuration, control agents, create security tokens, and adjust budget limits.
Vulnerability Details
EPSS: 0.0%
Yes
May 5, 2026
Original source: https://github.com/advisories/GHSA-fj4g-2p96-q6m3
First tracked: May 5, 2026 at 02:00 PM