VIR Vulnerability Intelligence Relay

Package impact

npm npm / @yoda.digital/gitlab-mcp-server

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-44895 high 8.0 3d ago @yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools