CVE Catalog

CVE-2026-58446

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

35th percentile — higher than 35% of all known CVEs

Summary

A vulnerability in Presenton before version 0.8.8-beta allows an unauthenticated remote attacker to invoke MCP tools such as generate_presentation by accessing the /mcp path without authentication. The MCP server automatically generates a valid session token for the configured user, enabling authenticated application actions.

Risk Assessment

An attacker can consume the operator's configured LLM API keys, create presentations in the operator's instance, and perform other authenticated actions, leading to unauthorized resource usage and potential data leakage.

Recommendation

Immediately update Presenton to version 0.8.8-beta or later which includes the fix. As a temporary measure, block access to the /mcp path at the firewall or reverse proxy level.

Original NVD description (English source)

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operators configured LLM API keys, and creating presentations in the operators instance. The Electron desktop build is not affected (MCP disabled).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS