{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2025-69196", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-12-29T14:34:16.261Z", "datePublished": "2026-03-16T18:07:06.332Z", "dateUpdated": "2026-07-08T12:06:01.484Z" }, "containers": { "cna": { "title": "FastMCP OAuth Proxy token reuse across MCP servers", "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE" } ] } ], "metrics": [ { "cvssV4_0": { "attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "references": [ { "name": "https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-5h2m-4q8j-pqpj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-5h2m-4q8j-pqpj" } ], "affected": [ { "vendor": "jlowin", "product": "fastmcp", "versions": [ { "version": "< 2.14.2", "status": "affected" } ] } ], "providerMetadata": { "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-16T18:07:06.332Z" }, "descriptions": [ { "lang": "en", "value": "FastMCP is the standard framework for building MCP applications. Prior to version 2.14.2, the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for the MCP server, the token is issued for the base_url passed to the OAuthProxy during initialization. This issue has been patched 2.14.2." } ], "source": { "advisory": "GHSA-5h2m-4q8j-pqpj", "discovery": "UNKNOWN" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2026-03-16T19:09:19.463530Z", "id": "CVE-2025-69196", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T19:09:43.436Z" } }, { "affected": [ { "cpes": [ "cpe:/a:redhat:satellite:6.18::el9" ], "defaultStatus": "affected", "product": "Red Hat Satellite 6.18", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhdh:1" ], "defaultStatus": "unaffected", "product": "Red Hat Developer Hub", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_ai" ], "defaultStatus": "unaffected", "product": "Red Hat OpenShift AI (RHOAI)", "vendor": "Red Hat" } ], "datePublic": "2026-03-16T18:07:06.332Z", "descriptions": [ { "lang": "en", "value": "A flaw was found in FastMCP, a framework for building MCP applications. The server does not correctly process the resource parameter provided by the client during authorization and token requests. This can lead to security tokens being issued for an unintended base URL (Uniform Resource Locator) instead of the specific MCP server. Such improper token issuance could allow an attacker to gain unauthorized access or disclose sensitive information." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "Insufficient Granularity of Access Control", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2025-69196" }, { "name": "RHBZ#2448179", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448179" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69196.json" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:36350" } ], "solutions": [ { "lang": "en", "value": "RHSA-2026:36350: Red Hat Satellite 6.18" } ], "timeline": [ { "lang": "en", "time": "2026-03-16T19:01:37.622Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-03-16T18:07:06.332Z", "value": "Made public." } ], "title": "fastmcp: FastMCP: Improper token issuance due to incorrect resource parameter handling", "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-07-08T12:06:01.484Z" } } ] } }