# Vulnerability Database (vulnerability-db)
**Comprehensive vulnerability database for Model Context Protocol servers and implementations. Tracks CVEs, OSVs, GitHub Security Advisories (GHSA), and community-reported vulnerabilities with detailed impact assessments, remediation guidance, and disclosure timelines.**
## Overview
The Vulnerability Database is a transparent, community-driven repository of security vulnerabilities found in MCP servers and related implementations. Unlike traditional vulnerability databases that often provide only basic descriptions, this database emphasizes complete transparency in vulnerability discovery, reproduction, and validation processes.
Every vulnerability entry must provide sufficient detail for independent verification, reproduction, and detection in other software. This includes the methodology used to discover the vulnerability, the specific conditions required for exploitation, and comprehensive evidence supporting the finding. This transparency enables the community to validate findings, develop detection techniques, and apply the knowledge to identify similar vulnerabilities in other MCP servers.
## Core Principles
### Transparency and Reproducibility
- **Discovery Methodology**: Complete documentation of how the vulnerability was found
- **Reproduction Steps**: Detailed steps to reproduce the vulnerability in the affected software
- **Evidence Provision**: Comprehensive evidence including code snippets, logs, and proof-of-concept demonstrations
- **Environmental Requirements**: Specific conditions, versions, and configurations required for exploitation
### Knowledge Transfer
- **Pattern Recognition**: Documentation that enables detection of similar vulnerabilities in other software
- **Technique Sharing**: Sharing of vulnerability research methodologies and approaches
- **Root Cause Analysis**: Deep analysis of underlying causes to prevent similar issues
- **Detection Automation**: Information structured to enable automated vulnerability detection
### Validation and Verification
- **Independent Verification**: All vulnerabilities must be verifiable by independent researchers
- **Fix Validation**: Tracking of remediation efforts and verification of fixes
- **False Positive Prevention**: Rigorous validation processes to prevent false vulnerability reports
- **Continuous Monitoring**: Ongoing tracking of vulnerability status and fix effectiveness
## Vulnerability Entry Requirements
### Mandatory Components
#### 1. Vulnerability Overview
- **Unique Identifier**: Internal tracking ID and any assigned CVE, OSV, or GHSA numbers
- **Affected Software**: Name, version range, repository URL, and specific commits affected
- **Vulnerability Description**: Clear description of the security issue
#### 2. Reproduction Information
- **Reproduction Steps**: Basic steps to reproduce the vulnerability
- **Evidence**: Minimal evidence demonstrating the vulnerability exists
### Optional Components
#### 3. Extended Technical Details
- **Discovery Method**: How the vulnerability was found
- **Root Cause Analysis**: Technical analysis of underlying causes
- **Exploitation Conditions**: Specific conditions required for exploitation
- **Attack Vectors**: Methods to exploit the vulnerability
#### 4. Additional Evidence
- **Code Analysis**: Relevant code snippets showing the vulnerability
- **Proof-of-Concept**: Working demonstrations of the vulnerability
- **Test Results**: Additional evidence from testing
#### 5. Remediation Information
- **Fix Analysis**: Analysis of patches or fixes applied
- **Workaround Solutions**: Temporary mitigations available
- **Fix Validation**: Evidence that fixes address the issue
#### 6. Metadata
- **Severity Assessment**: Impact and exploitability ratings if available
- **Discovery Date**: When the vulnerability was identified (if known)
- **Disclosure Timeline**: Public disclosure information (if applicable)
## Vulnerability Classification and Severity
### Vulnerability Taxonomy Development
Part of this project involves creating a comprehensive taxonomy of MCP-specific vulnerabilities and security issues. This taxonomy will be developed collaboratively as we gather more vulnerability data and understand the unique security challenges of the MCP ecosystem.
### Vulnerability Severity Assessment
When severity assessments are available, they may use existing frameworks such as CVSSv2 and others. However, current vulnerability severity classification systems may not work well for AI-specific vulnerabilities, and we may need to develop new assessment frameworks tailored to the unique risks and impacts of MCP and AI system vulnerabilities.
## Repository Structure
The vulnerability database uses a time-based directory structure with standardized file naming:
```
vulnerability-db/
├── advisories/
│   ├── 2025/
│   │   ├── 01/
│   │   │   ├── 15/
│   │   │   │   ├── MCPS-01939a4c-8000-7000-8000-123456789abc-osv.json
│   │   │   │   └── MCPS-01939b2d-8001-7000-8000-987654321def-osv.json
│   │   │   └── 16/
│   │   └── 02/
│   └── 2024/
├── schemas/
│   └── osv.json
└── README.md
```
### Directory Structure
- **advisories/**: Root directory for all vulnerability advisories
- **YYYY/MM/DD/**: Date-based organization by year/month/day
- **schemas/**: JSON schema files for validation
### File Naming Convention
- **Format**: `MCPS-{UUID}-{format}.json`
- **MCPS**: Model Context Protocol Security project prefix
- **UUID**: UUID v7 (time-ordered, sortable)
- **Format**: Currently `osv` (Open Source Vulnerability format)
- **Example**: `MCPS-01939a4c-8000-7000-8000-123456789abc-osv.json`
### Supported Formats
- **osv**: Open Source Vulnerability format (OSV schema) - **Current format**
The format suffix is maintained for future extensibility to support additional vulnerability formats if needed.
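As an added example (not part of the project's `scripts/mcps-advisory.py`), the following check enforces the layout and naming rules above on a repository-relative path: the `advisories/YYYY/MM/DD/` directories, the `MCPS-{UUID}-{format}.json` name, a supported format suffix, and a UUID whose version field is 7. The function name `check_advisory_path` is hypothetical; the timestamp embedded in the UUID is returned for inspection but not compared with the folder date, since this page does not state that the two must agree.

```python
import re
import uuid
from datetime import date, datetime, timezone
from pathlib import PurePosixPath

SUPPORTED_FORMATS = {"osv"}  # the only format suffix this page lists
NAME_RE = re.compile(
    r"MCPS-(?P<uuid>[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})"
    r"-(?P<format>[a-z0-9]+)\.json"
)


def check_advisory_path(path):
    """Hypothetical helper: parse a conforming path or raise ValueError."""
    parts = PurePosixPath(path).parts
    # Exactly advisories/YYYY/MM/DD/<file>; extra segments such as ".." fail here.
    if len(parts) != 5 or parts[0] != "advisories":
        raise ValueError("expected advisories/YYYY/MM/DD/<file>")
    year, month, day, name = parts[1:]
    if not (re.fullmatch(r"[0-9]{4}", year) and re.fullmatch(r"[0-9]{2}", month)
            and re.fullmatch(r"[0-9]{2}", day)):
        raise ValueError("date directories must be YYYY/MM/DD")
    try:
        folder_date = date(int(year), int(month), int(day))
    except ValueError:
        raise ValueError("date directories are not a calendar date") from None
    m = NAME_RE.fullmatch(name)
    if not m:
        raise ValueError("file name must be MCPS-{UUID}-{format}.json")
    if m["format"] not in SUPPORTED_FORMATS:
        raise ValueError("unsupported format suffix: " + m["format"])
    u = uuid.UUID(m["uuid"])
    if u.variant != uuid.RFC_4122 or u.version != 7:
        raise ValueError("identifier is not a UUID v7")
    # UUID v7 stores a 48-bit Unix millisecond timestamp in its top bits,
    # which is what makes the identifiers time-ordered and sortable.
    ms = u.int >> 80
    return {
        "folder_date": folder_date,
        "uuid": str(u),
        "format": m["format"],
        "uuid_time": datetime.fromtimestamp(ms / 1000, tz=timezone.utc),
    }


if __name__ == "__main__":
    # Path taken from the directory tree shown on this page.
    print(check_advisory_path(
        "advisories/2025/01/15/MCPS-01939a4c-8000-7000-8000-123456789abc-osv.json"))
```
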
### Schema Validation
All advisory files must conform to the OSV JSON schema:
- OSV files validated against official OSV schema
- Validation occurs automatically via CI/CD pipeline
- Schema file stored in `schemas/osv.json`
## Quality Standards
### Quality Goals
The following represent our quality goals and aspirations for vulnerability entries. These are what we strive to work towards, not strict requirements for submission.
### Vulnerability Quality Aspirations
#### Technical Accuracy
- **Verified Findings**: Ideally, vulnerabilities would be independently verified and tested
- **Reproduction Validation**: Optimally, reproduction steps would be validated by multiple parties
- **False Positive Prevention**: Goal to develop rigorous validation processes to prevent incorrect vulnerability reports
- **Technical Depth**: Aspiration for sufficient technical detail to understand and address vulnerabilities
#### Completeness
- **Comprehensive Documentation**: Goal for all relevant components to be present and complete
- **Evidence Provision**: Aspiration for sufficient evidence to support claims and findings
- **Methodology Transparency**: Ideal of complete disclosure of discovery and validation processes
- **Fix Tracking**: Goal of comprehensive tracking of remediation efforts and verification
#### Community Value
- **Knowledge Transfer**: Aspiration for information structured to enable learning and pattern recognition
- **Practical Utility**: Goal for findings that provide actionable information for security improvement
- **Pattern Recognition**: Ideal of documentation that enables detection of similar issues elsewhere
- **Prevention Guidance**: Aspiration for information that helps prevent similar vulnerabilities in future development
### Validation Process
#### Submission Validation
1. **Technical Review**: Verification of technical accuracy and reproduction steps
2. **Independent Verification**: Confirmation by independent researchers when possible
3. **Evidence Validation**: Review of supporting evidence and proof-of-concept demonstrations
4. **Community Review**: Open review period for community feedback and validation
#### Ongoing Maintenance
- **Fix Tracking**: Continuous monitoring of remediation efforts and fix effectiveness
- **Status Updates**: Regular updates on vulnerability status and remediation progress
- **Regression Monitoring**: Ongoing verification that fixes remain effective
- **Community Feedback**: Incorporation of community feedback and additional findings
## Process Improvement and Tool Integration
### Vulnerability Research Evolution
As the community contributes vulnerabilities and develops better detection techniques, these improvements must be integrated back into the broader ecosystem:
- **mcpserver-audit Integration**: Successful vulnerability detection methodologies should be incorporated into the audit tool's scanning capabilities
- **Pattern Recognition**: Vulnerability patterns and signatures should be systematized for automated detection
- **Tool Enhancement**: Detection techniques that prove effective should be integrated into security tooling
- **Research Advancement**: The vulnerability database serves as a foundation for advancing MCP security research
This ensures that manual vulnerability research continuously improves automated detection capabilities, creating a comprehensive security intelligence system.
## Community Participation
### Contribution Guidelines
#### For Vulnerability Researchers
- **Responsible Disclosure**: Follow responsible disclosure practices and coordination timelines
- **Thorough Documentation**: Provide comprehensive documentation enabling reproduction and validation
- **Community Engagement**: Respond to community questions and validation efforts
- **Pattern Sharing**: Document patterns and techniques that could help find similar issues
#### For Validators
- **Independent Verification**: Attempt to reproduce and validate reported vulnerabilities
- **Constructive Feedback**: Provide specific, actionable feedback on vulnerability reports
- **Pattern Recognition**: Identify connections to other vulnerabilities and security issues
- **Quality Improvement**: Contribute to improving vulnerability reporting standards
### Recognition and Incentives
#### Contributor Recognition
- **Research Quality**: Recognition for high-quality, well-documented vulnerability research
- **Community Impact**: Acknowledgment of vulnerabilities that significantly improve MCP security
- **Methodology Innovation**: Recognition for innovative vulnerability discovery techniques
- **Responsible Disclosure**: Acknowledgment of proper disclosure and coordination practices
#### Community Benefits
- **Shared Intelligence**: Community benefits from shared vulnerability intelligence and patterns
- **Improved Security**: Better security outcomes through transparent vulnerability research
- **Knowledge Advancement**: Advancement of MCP security research and detection capabilities
- **Prevention Focus**: Emphasis on preventing similar vulnerabilities in future development
## Integration with Ecosystem
### Input Sources
- **audit-db**: Vulnerabilities discovered during comprehensive audits
- **Independent Research**: Direct vulnerability research and security analysis
- **Community Reports**: Vulnerability reports from users and security researchers
- **Automated Detection**: Vulnerabilities found through automated scanning and analysis
### Output Destinations
- **mcpserver-audit**: Vulnerability intelligence to improve audit tool detection capabilities
- **mcpserver-finder**: Security risk information to inform server recommendations
- **Vulnerability Tracking Systems**: Informing CVE, OSV, and GitHub Security Advisory (GHSA) databases
- **Security Advisories**: Information for security advisory creation and distribution
## Usage and Access
### Public Access
- **Open Repository**: Full vulnerability database is publicly accessible
- **Search Capabilities**: Comprehensive search across vulnerabilities, patterns, and evidence
- **API Access**: Programmatic access for security tool integration and analysis
- **Intelligence Feeds**: Structured feeds for security tools and monitoring systems
### Integration Support
- **Detection Integration**: APIs for integrating vulnerability intelligence into security tools
- **Automated Monitoring**: Support for automated vulnerability monitoring and alerting
- **Pattern Matching**: Structured data for automated pattern recognition and detection
- **Research Support**: Data access for academic research and security analysis
## CLI Tools
### Installation
Install the required dependencies:
```bash
pip install -r requirements.txt
```
### MCPS Advisory CLI
The `scripts/mcps-advisory.py` tool provides commands for creating, validating, and managing MCPS vulnerability advisories.
#### Commands
**Create a new advisory:**
```bash
./scripts/mcps-advisory.py create [OPTIONS]
```
Options:
- `--id ID`: Specify advisory ID (auto-generated in `OSV-MCPS-YYYY-XXXXXXXX` format if not provided)
- `--summary TEXT`: Advisory summary
- `--details TEXT`: Detailed description
- `--date YYYY-MM-DD`: Advisory date (defaults to current date)
**Validate an advisory:**
```bash
./scripts/mcps-advisory.py validate FILE
```
**List existing advisories:**
```bash
./scripts/mcps-advisory.py list [--verbose]
```
#### Usage Examples
```bash
# Create a new advisory with basic information
./scripts/mcps-advisory.py create --summary "XSS vulnerability in MCP server" --details "Cross-site scripting vulnerability found in request handling"
# Create advisory with specific ID and date
./scripts/mcps-advisory.py create --id "OSV-MCPS-2025-ABC12345" --date "2025-01-15"
# Validate an existing advisory
./scripts/mcps-advisory.py validate advisories/2025/01/15/OSV-MCPS-2025-ABC12345-osv.json
# List all advisories
./scripts/mcps-advisory.py list
# List with full file paths
./scripts/mcps-advisory.py list --verbose
```
#### File Output
The CLI automatically:
- Generates MCPS identifiers in OSV-compliant format (`OSV-MCPS-YYYY-XXXXXXXX`)
- Creates proper directory structure (`advisories/YYYY/MM/DD/`)
- Names files using format: `{ID}-osv.json`
- Validates against OSV schema
- Includes MCPS-specific metadata fields
## Contributing
We welcome contributions from the security research community, including:
- **Vulnerability Reports**: Well-documented vulnerability findings with complete reproduction steps
- **Detection Techniques**: Improved methods for identifying and validating vulnerabilities
- **Pattern Documentation**: Analysis of vulnerability patterns and detection signatures
- **Tool Development**: Security tools that enhance vulnerability detection and validation
- **Research Collaboration**: Academic research and analysis of MCP security vulnerabilities
### Getting Started
1. **Review Standards**: Familiarize yourself with vulnerability reporting standards
2. **Responsible Disclosure**: Follow proper disclosure practices and coordination
3. **Document Thoroughly**: Use comprehensive documentation for all findings
4. **Engage Community**: Participate in community validation and feedback processes
5. **Share Knowledge**: Contribute to improving community vulnerability detection capabilities
## Get Involved
Join our community: [GitHub Discussions](https://github.com/orgs/ModelContextProtocol-Security/discussions) • [Slack #mcp channel](https://csaurl.org/mcp-invite) • [Contribute on GitHub](https://github.com/ModelContextProtocol-Security)
---
*Part of the [Model Context Protocol Security](https://modelcontextprotocol-security.io/) initiative - A Cloud Security Alliance community project.*