CVE-2025-13822
Received Received - Intake
Authentication Bypass in MCPHub < 0.11.0 Allows Privilege Abuse

Publication date: 2026-04-14

Last updated on: 2026-05-01

Assigner: CERT.PL

Description
MCPHub in versions belowΒ 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the name of other users and using their privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-14
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-04-14
EPSS Evaluated
2026-06-15
NVD
CVE-2025-13822
EUVD
EUVD-2025-209433
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mcphubx mcphub to 0.11.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-13822 is an authentication bypass vulnerability in MCPHub versions below 0.11.0.

The vulnerability exists because some endpoints in MCPHub are not protected by authentication middleware.

This allows an unauthenticated attacker to perform actions on behalf of other users and use their privileges.

It is classified under CWE-639: Authorization Bypass Through User-Controlled Key.

Impact Analysis

This vulnerability can allow an attacker who is not authenticated to perform actions as if they were other users.

Such unauthorized actions could lead to misuse of privileges, potentially compromising the integrity and security of the system.

Mitigation Strategies

To mitigate the authentication bypass vulnerability in MCPHub versions below 0.11.0, you should upgrade MCPHub to version 0.11.0 or later where the issue is fixed.

Additionally, ensure that all endpoints are properly protected by authentication middleware to prevent unauthenticated access.

Detection Guidance

This vulnerability can be detected by testing whether certain MCPHub endpoints allow unauthenticated access and actions. Since the issue is an authentication bypass on some endpoints, you can attempt to access these endpoints without credentials and observe if actions can be performed.

A practical approach is to identify the endpoints exposed by MCPHub and try sending HTTP requests without authentication headers to see if you receive successful responses or can perform privileged actions.

Example commands using curl to test unauthenticated access might include:

  • curl -i http://<mcphub-server>/api/endpoint -X GET
  • curl -i http://<mcphub-server>/api/endpoint -X POST -d '{"action":"test"}' -H 'Content-Type: application/json'

Replace <mcphub-server> and /api/endpoint with actual server address and endpoint paths. If these requests succeed without authentication, it indicates the presence of the vulnerability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-13822. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart