All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-13341
HIGHpublished 2026-07-03 11:16 UTC · 1 day ago
7.4
CVSS / 10
// description
A vulnerability exists in the Kong Konnect Model Context Protocol (MCP) server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests.
// weaknesses (CWE)
- CWE-20