Browse all 5 CVE security advisories affecting jlowin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27124 | FastMCP: Missing Consent Verification in OAuth Proxy Callback Facilitates Confused Deputy Vulnerabilities — fastmcpCWE-441 | 9.1AI | CriticalAI | 2026-04-03 |
| CVE-2025-64340 | FastMCP has a Command Injection vulnerability - Gemini CLI — fastmcpCWE-78 | 6.7 | Medium | 2026-04-03 |
| CVE-2025-69196 | FastMCP OAuth Proxy token reuse across MCP servers — fastmcpCWE-863 | 5.3AI | MediumAI | 2026-03-16 |
| CVE-2025-62801 | FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name — fastmcpCWE-78 | 9.8AI | CriticalAI | 2025-10-28 |
| CVE-2025-62800 | FastMCP vulnerable to reflected XSS in client's callback page — fastmcpCWE-79 | 6.1AI | MediumAI | 2025-10-28 |
This page lists every published CVE security advisory associated with jlowin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.