OsVault/npm/@samanhappy/mcphub
npm

@samanhappy/mcphub

4 known vulnerabilities · 0 critical · 0 high

GHSA-9vq7-9h42-j88h

MCPHub has an authentication bypass

Published Apr 14, 2026
CVE-2025-11285

MCPHub's ServerController is vulnerable to Command Injection

Published Oct 5, 2025
CVE-2025-11287

MCPHub has an Improper Authorization vulnerability via its handleSseConnection function

Published Oct 5, 2025
GHSA-p3h2-2j4p-p83g

MCPHub has Path Traversal via Malicious MCPB Manifest Name

Published Apr 22, 2026
Check your entire dependency tree at onceRun dependency scan →