Security Advisory

CVE-2025-58444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-08 21:24:58
Last updated 2025-09-09 13:31:04
Assigner GitHub_M
State PUBLISHED

Description

The MCP Inspector is a developer tool for testing and debugging MCP servers. A cross-site scripting issue was reported in versions of the MCP Inspector local development tool prior to 0.16.6. It can be triggered when the Inspector connects to an untrusted remote MCP server with a malicious redirect URI. The issue could be leveraged to interact directly with the Inspector proxy and trigger arbitrary command execution. Users are advised to update to 0.16.6 to resolve this issue.