Platform: nodejs
Component: @modelcontextprotocol/inspector
Fixed in: 0.14.2, 0.14.1
CVE-2025-49596 describes a remote code execution (RCE) vulnerability affecting versions of the @modelcontextprotocol/inspector library prior to 0.14.1. This flaw allows unauthenticated requests to execute MCP commands via stdio, potentially granting an attacker complete control over the affected system. Users are strongly advised to upgrade to version 0.14.1 or later to resolve this critical security issue.
The impact of CVE-2025-49596 is severe due to the lack of authentication. An attacker can exploit this vulnerability by sending crafted requests to the @modelcontextprotocol/inspector proxy, bypassing any intended security measures. Successful exploitation allows the attacker to execute arbitrary commands on the system hosting the proxy, effectively achieving remote code execution. This could lead to data breaches, system compromise, and potentially broader network infiltration if the affected system has access to sensitive resources or other internal systems. The absence of authentication makes this vulnerability particularly concerning, as it can be exploited without any prior credentials or access.
CVE-2025-49596 was publicly disclosed on 2025-06-13. Discovery was credited to Rémy Marot of Tenable. There are currently no known public exploits or active campaigns targeting this vulnerability, but the ease of exploitation due to the lack of authentication suggests a potential for rapid exploitation if a proof-of-concept is released. The vulnerability is not currently listed in the CISA KEV catalog.
Exploit Status
EPSS: 2.54% (85th percentile)
CISA SSVC:
The primary mitigation for CVE-2025-49596 is to immediately upgrade the @modelcontextprotocol/inspector library to version 0.14.1 or later. This version includes the necessary authentication checks to prevent unauthorized command execution. If upgrading is not immediately feasible, consider implementing a temporary workaround by restricting network access to the inspector proxy, limiting it to trusted sources only. Review and harden the environment where the inspector proxy runs, ensuring minimal privileges are granted. After upgrading, verify the fix by attempting to send an unauthenticated request to the proxy and confirming that it is rejected.
Immediately update to version 0.14.1 or later of MCP Inspector. This corrects the lack of authentication between the client and proxy, preventing unauthenticated remote code execution. Since @modelcontextprotocol/inspector is an npm package, you can update it with the Node.js package manager, npm, using the command: `npm install @modelcontextprotocol/inspector@0.14.1`.
CVE-2025-49596 is a critical remote code execution vulnerability in @modelcontextprotocol/inspector versions before 0.14.1, allowing unauthenticated command execution.
You are affected if you are using @modelcontextprotocol/inspector versions earlier than 0.14.1 in your Node.js environment.
Upgrade to @modelcontextprotocol/inspector version 0.14.1 or later to address the vulnerability. Restrict network access to the inspector proxy as a temporary workaround.
Currently, there are no confirmed active exploits, but the lack of authentication makes it a high-risk vulnerability.
Refer to the official @modelcontextprotocol project repository and related security advisories for updates and further information.