Universal-tool-calling-protocol Python-utcp
3 CVEs affecting Universal-tool-calling-protocol Python-utcp. Latest disclosed: 2026-05-14. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45369 | High | 8.3 | 2026-05-14 | python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled too… |
CVE-2026-45370 | High | 7.7 | 2026-05-14 | python-utcp is the python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py passes a full copy of os.environ to e… |
CVE-2026-44661 | Medium | 4.7 | 2026-05-14 | python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a… |