{"uuid": "7f5f5ab9-e7c3-4796-9077-a3926fcf9e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49257", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moltgrqenu2e", "content": "CVE-2026-49257 - mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind\nCVE ID : CVE-2026-49257\n \n Published : June 18, 2026, 9:01 p.m. | 35\u00a0minutes ago\n \n Description : mcp-pinot is a Python-based Model Context Protocol (MCP) server for...", "creation_timestamp": "2026-06-18T22:03:44.429050Z"}