Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Raw exposure of database statements in Hyperterse MCP search tool
Vulnerability Description
Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
未加解析的原始Web内容分发
Vulnerability Title
Hyperterse 安全漏洞
Vulnerability Description
Hyperterse是Hyperterse开源的一个用于构建高性能MCP服务器的声明式框架。 Hyperterse v2.2.0之前版本存在安全漏洞,该漏洞源于搜索工具返回原始SQL查询,可能导致本应受保护的SQL语句被公开暴露。
CVSS Information
N/A
Vulnerability Type
N/A