|
ATR-2026-00010-mcp-malicious-response.yaml
|
15.73 KB |
|
ATR-2026-00011-tool-output-injection.yaml
|
14.39 KB |
|
ATR-2026-00012-unauthorized-tool-call.yaml
|
12.37 KB |
|
ATR-2026-00013-tool-ssrf.yaml
|
12.84 KB |
|
ATR-2026-00095-supply-chain-poisoning.yaml
|
9 KB |
|
ATR-2026-00096-registry-poisoning.yaml
|
8.66 KB |
|
ATR-2026-00100-consent-bypass-instruction.yaml
|
9.36 KB |
|
ATR-2026-00101-trust-escalation-override.yaml
|
5.78 KB |
|
ATR-2026-00103-hidden-safety-bypass-instruction.yaml
|
8.56 KB |
|
ATR-2026-00105-silent-action-concealment.yaml
|
9.07 KB |
|
ATR-2026-00106-schema-description-contradiction.yaml
|
5.21 KB |
|
ATR-2026-00161-important-tag-cross-tool-shadowing.yaml
|
15.64 KB |
|
ATR-2026-00209-mcpwn-runaway-invocation.yaml
|
9.41 KB |
|
ATR-2026-00210-flowise-system-message-override.yaml
|
9.11 KB |
|
ATR-2026-00259-ansi-escape-injection.yaml
|
7.1 KB |
|
ATR-2026-00270-xss-in-tool-response.yaml
|
9.04 KB |
|
ATR-2026-00277-echo-template-command-injection.yaml
|
8.96 KB |
|
ATR-2026-00393-ansi-code-elicitation-request.yaml
|
10 KB |
|
ATR-2026-00415-flowise-custom-mcp-stdio-rce.yaml
|
9.92 KB |
|
ATR-2026-00419-cursor-mcp-zero-click-config.yaml
|
10.9 KB |
|
ATR-2026-00434-mcp-remote-authorization-endpoint-command-injection.yaml
|
9.23 KB |
|
ATR-2026-00435-azure-mcp-server-missing-authentication.yaml
|
9.14 KB |
|
ATR-2026-00448-spring-ai-milvus-filter-injection.yaml
|
10.77 KB |
|
ATR-2026-00494-garak-exploitation-mixedunassigned.yaml
|
9.42 KB |
|
ATR-2026-00513-package-hallucination-exploitation.yaml
|
10.03 KB |
|
ATR-2026-00521-shell-command-injection-agent-tool-context.yaml
|
9.72 KB |
|
ATR-2026-00522-sql-injection-natural-language-agent-interface.yaml
|
11.3 KB |
|
ATR-2026-00526-claude-code-shell-metachar-in-double-quoted-path.yaml
|
8.03 KB |
|
ATR-2026-00529-litellm-proxy-sqli-cisa-kev.yaml
|
7.8 KB |
|
ATR-2026-00530-ms-agent-shell-tool-unsanitized-argv-rce.yaml
|
8.95 KB |
|
ATR-2026-00531-praisonai-unauthenticated-agent-api.yaml
|
10.27 KB |
|
ATR-2026-00532-apache-doris-mcp-sql-injection.yaml
|
8.06 KB |
|
ATR-2026-00533-apache-pinot-mcp-unauthenticated-takeover.yaml
|
7.76 KB |
|
ATR-2026-00534-alibaba-rds-mcp-unauthenticated-metadata-exfil.yaml
|
8.29 KB |
|
ATR-2026-00536-nginx-ui-mcp-unauthenticated-command-execution.yaml
|
12.64 KB |
|
ATR-2026-00537-fastmcp-server-name-cmd-injection-windows.yaml
|
10.42 KB |
|
ATR-2026-00538-langchain-chatchat-mcp-stdio-unauthenticated-rce.yaml
|
12 KB |
|
ATR-2026-00540-praisonai-parse-mcp-command-cli-injection.yaml
|
8.36 KB |
|
ATR-2026-00541-agent-zero-mcp-config-command-injection.yaml
|
9.25 KB |
|
ATR-2026-00542-upsonic-mcp-command-allowlist-bypass.yaml
|
8.1 KB |
|
ATR-2026-00543-litellm-mcp-server-argv-injection.yaml
|
8.04 KB |
|
ATR-2026-00544-praisonai-pth-file-path-traversal-rce.yaml
|
8.04 KB |
|
ATR-2026-00545-praisonai-tool-override-unauth-rce.yaml
|
7.97 KB |
|
ATR-2026-00561-fastmcp-vulnerable-to-windows-command-in.yaml
|
6.23 KB |
|
ATR-2026-00567-mcp-stdio-config-command-injection.yaml
|
4.67 KB |
|
ATR-2026-00568-agent-ssrf-cloud-metadata-file-inclusion.yaml
|
4.51 KB |
|
ATR-2026-00572-symjack-symlink-config-redirection.yaml
|
9.9 KB |
|
ATR-2026-00575-miasma-npm-worm-agent-config-backdoor.yaml
|
11.1 KB |
|
ATR-2026-00576-hades-agent-credential-theft.yaml
|
9.99 KB |
|
ATR-2026-00577-create-mcp-server-stdio-exec-command-injection.yaml
|
10.1 KB |
|
ATR-2026-00581-mcp-tool-rug-pull-post-approval-redefinition.yaml
|
16.26 KB |
|
ATR-2026-00714-tool-camouflage-forced-tool-call.yaml
|
5.87 KB |
|
ATR-2026-00715-tool-knowledge-hijack-identity-injection.yaml
|
6.9 KB |
|
ATR-2026-00716-ipi-data-destruction-carrier.yaml
|
5.59 KB |
|
ATR-2026-00720-tool-misuse-privilege-escalation-social.yaml
|
5.21 KB |
|
ATR-2026-01300-mcp-notes-param-chat-history-exfil.yaml
|
8.79 KB |
|
ATR-2026-01301-tool-description-exclusive-tool-override.yaml
|
6.95 KB |
|
ATR-2026-01302-fake-tool-result-instruction-injection.yaml
|
7.12 KB |
|
ATR-2026-01303-tool-schema-enumeration-social-engineering.yaml
|
8.64 KB |
|
ATR-2026-01306-mcp-oauth-command-injection.yaml
|
6.08 KB |
|
ATR-2026-01307-mcp-dns-rebinding-attack.yaml
|
6.55 KB |
|
ATR-2026-01310-mcp-tool-description-compliance-history-exfil.yaml
|
10.05 KB |
|
ATR-2026-01775-semantic-mcp-tool-manifest-poisoning.yaml
|
14.87 KB |
|
ATR-2026-01927-mcp-server-kubernetes-kubectl-command-injection.yaml
|
9.71 KB |
|
ATR-2026-01928-framelink-figma-mcp-curl-fallback-command-injection.yaml
|
13.37 KB |
|
ATR-2026-01930-mcp-sampling-prompt-injection.yaml
|
12.4 KB |
|
ATR-2026-01931-gemini-mcp-tool-command-injection-file-exfil.yaml
|
8.78 KB |
|
ATR-2026-01932-shadow-undeclared-mcp-server-registration.yaml
|
8.73 KB |