Vulnerability in Stacklok Toolhive
CVE-2025-47274
ToolHive is a utility designed to simplify the deployment and management of Model Context Protocol (MCP) servers. Due to the ordering of code used to start an MCP server container, versions of ToolHive prior to 0.0.33 inadvertently store s…
EPSS: 0.001 (1.4th percentile) — read the EPSS interpretation.
Affected products
- Stacklok Toolhive — versions < 0.0.33
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)