Package impact
npm / @penpot/mcp
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45805 | high | — | 8.0 | 10d ago | PenPot MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE |
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45805 | high | — | 8.0 | 10d ago | PenPot MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE |