Skip to main content

Agenticmail

1 CVEs product

Monthly

CVE-2026-50287 npm HIGH PATCH GHSA This Week

Missing authentication in @agenticmail/mcp prior to 0.9.27 allows unauthenticated remote clients to invoke master-key-only MCP tools when the server is started with --http or MCP_HTTP=1. The /mcp Streamable HTTP endpoint accepts session initialization and tool calls without any Authorization check, and the server forwards calls using its configured AGENTICMAIL_MASTER_KEY, enabling administrative actions such as setup_email_relay, delete_agent, and send_test_email. Publicly available exploit code exists in the GHSA advisory (one-command PoC), though EPSS remains low at 0.06% (19th percentile) and the issue is not on CISA KEV.

Authentication Bypass Agenticmail
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Missing authentication in @agenticmail/mcp prior to 0.9.27 allows unauthenticated remote clients to invoke master-key-only MCP tools when the server is started with --http or MCP_HTTP=1. The /mcp Streamable HTTP endpoint accepts session initialization and tool calls without any Authorization check, and the server forwards calls using its configured AGENTICMAIL_MASTER_KEY, enabling administrative actions such as setup_email_relay, delete_agent, and send_test_email. Publicly available exploit code exists in the GHSA advisory (one-command PoC), though EPSS remains low at 0.06% (19th percentile) and the issue is not on CISA KEV.

Authentication Bypass Agenticmail
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy