Package impact
npm / network-ai
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46701 | high | — | 8.0 | 8d ago | Network-AI: Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret | |||
| CVE-2026-42856 | high | — | 8.0 | 19d ago | Network-AI missing authentication on MCP HTTP endpoint, which allows unauthenticated privileged tool calls |