CVE Catalog

CVE-2026-48814

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

21th percentile — higher than 21% of all known CVEs

Summary

Network-AI is a TypeScript/Node.js multi-agent orchestrator that in versions 5.7.1 and earlier allowed unauthenticated cross-origin invocation of MCP tools due to an empty default secret. This issue was partially addressed in version 5.4.5, but the empty-default-secret flaw remained, allowing unauthorized access to all 22 MCP tools.

Risk Assessment

The organization is at significant risk as any non-browser caller could invoke MCP tools without any credentials, potentially leading to unauthorized access to the system.

Recommendation

It is recommended to upgrade to version 5.7.2 to eliminate the empty default secret vulnerability and ensure proper security for the SSE MCP server.

Original NVD description (English source)

Network-AI is a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the MCP SSE server allows unauthenticated cross-origin MCP tool invocation due to an empty default secret. This issue was partially addressed by CVE-2026-46701 in version 5.4.5 by closing the CORS flaw (with Access-Control-Allow-Origin now set only for localhost origins), but the empty-default-secret flaw described in the title remained: the SSE MCP server still defaulted to an empty secret, _isAuthorized() still returned true when the secret was empty, and a non-loopback bind only produced a warning. As a result, the server still ran fully unauthenticated by default. Any non-browser caller (for example, curl, SSRF, or a 0.0.0.0 bind) could invoke all 22 MCP tools (config_set, agent_spawn, blackboard_write, token_*) with no credentials. This issue was fixed in version 5.7.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS