CVE report

CVE-2025-49596critical

MCP Inspector < 0.14.0 UnauthenticatedRemote Code Execution

Events 7d

692

Distinct IPs

43

Severity

critical

CISA KEV

Not listed

Daily probe volume (last 7 days)

peak: 141
2026-05-14: 42 events05-142026-05-15: 125 events05-152026-05-16: 141 events05-162026-05-17: 119 events05-172026-05-18: 74 events05-182026-05-19: 51 events05-192026-05-20: 83 events05-202026-05-21: 57 events05-21

Downloads & integrations

Top sources probing for CVE-2025-49596

URL patterns we match

An event counts toward CVE-2025-49596 if its URL path contains any of these substrings (case-insensitive).

  • /sse