CVE Catalog

CVE-2026-54842

HighCVSS 8.1
Published: Updated: Translated: NVD NIST

Summary

Missing Authorization in Royal Plugins Royal MCP allows exploiting incorrectly configured access control security levels. This issue affects Royal MCP from n/a through 1.4.25.

Risk Assessment

The organization may be exposed to unauthorized access to resources, potentially leading to data leaks or unauthorized changes in the system.

Recommendation

It is recommended to review and improve the configuration of access control levels in Royal MCP to ensure proper user authorization.

Original NVD description (English source)

Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS