{"uuid": "5405f18e-74af-4cbc-9a41-3175d0974776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48814", "type": "seen", "source": "https://gist.github.com/alon710/95012eaaac31573d3f20cff3cfbc3e84", "content": "# CVE-2026-48814: CVE-2026-48814: Missing Authentication for Critical Orchestration Tools in Network-AI McpSseServer\n\n> **CVSS Score:** 9.1\n> **Published:** 2026-06-19\n> **Full Report:** https://cvereports.com/reports/CVE-2026-48814\n\n## Summary\nCVE-2026-48814 is a critical vulnerability classified as Missing Authentication for Critical Function (CWE-306) in Network-AI, a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the Model Context Protocol (MCP) Server-Sent Events (SSE) server allows unauthenticated, cross-origin invocation of sensitive orchestration tools. This vulnerability stems from an incomplete fix for CVE-2026-46701, where library-level server class initializations still default to an insecure empty-secret configuration, allowing remote attackers or Server-Side Request Forgery (SSRF) agents to execute administrative tools.\n\n## TL;DR\nThe Network-AI library (versions <= 5.7.1) features an insecure default configuration in its MCP Server-Sent Events server component. If initialized without a secret, it permits unauthenticated remote callers to invoke any of its 22 critical orchestration tools, potentially leading to unauthorized data exposure, state mutation, and arbitrary agent spawning.\n\n## Technical Details\n\n- **CWE ID**: CWE-306 (Missing Authentication for Critical Function)\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 9.1 (Critical)\n- **EPSS Score**: 0.00297 (~0.30% probability)\n- **Impact**: High Confidentiality, High Integrity, No Availability\n- **Exploit Status**: None (No public weaponized exploit available)\n- **KEV Status**: Not listed in CISA KEV Catalog\n\n## Affected Systems\n\n- Network-AI library environments implementing custom McpSseServer integrations\n- Node.js multi-agent orchestration backends running network-ai versions <= 5.7.1\n- **network-ai**: <= 5.7.1 (Fixed in: `5.7.2`)\n\n## Mitigation\n\n- Upgrade the network-ai dependency to version 5.7.2 or later.\n- Instantiate the McpSseServer class with a non-empty, cryptographically secure secret.\n- Restrict binding configurations to loopback addresses (127.0.0.1, localhost) instead of binding to 0.0.0.0.\n- Utilize local standard input/output (McpStdioTransport) transport channels where network binding is not strictly required.\n\n**Remediation Steps:**\n1. Run 'npm install network-ai@5.7.2' to update the library to the patched version.\n2. Audit custom integration files importing 'McpSseServer' from 'network-ai' and ensure a strong secret is passed during initialization.\n3. Ensure the server initialization code does not fail open when environment variables are missing.\n\n## References\n\n- [GitHub Security Advisory Record](https://github.com/Jovancoding/Network-AI/security/advisories/GHSA-r78r-rwrf-rjwp)\n- [GitHub Release Log v5.7.2](https://github.com/Jovancoding/Network-AI/releases/tag/v5.7.2)\n- [GitHub Advisory Database Mapping](https://github.com/advisories/GHSA-j3vx-cx2r-pvg8)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-48814) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T14:11:51.000000Z"}