A security vulnerability has been disclosed in Anthropic's Machine Communication Protocol (MCP), which allows AI tools to interact with machines. OX Security revealed that MCP can execute arbitrary commands on a host system, affecting all official SDKs including Python, TypeScript, Java, and Rust. The flaw impacts various tools like MCP Inspector, LibreChat, and Cursor, with Anthropic stating the behavior is intentional and defense must now occur at the application layer.
Impact: Highlights potential security risks in AI tool integrations, necessitating application-level defenses.
Ranking rationale: Security vulnerability disclosed in a protocol used by AI tools, affecting multiple applications and SDKs.
Read on Mastodon (mastodon.social)
AI-generated summary · Google Gemini · from 2 sources.