MCP Observatory
security

Security

Every MCP risk signal in one place — CVEs, tool safety, drift, naming, licenses. Heuristic: review signals, not verdicts.

Risk: servers ranked by their composite exposure score — synthesised from CVEs, inferred permissions, drift, supply-chain and abandonment signals. Heuristic and banded; a high grade is a 'review this' signal, never a verdict.

patchable now2 servers · fix published, not adopted

A fix already ships upstream but the server still runs an older, vulnerable version — remediation lag, actionable today.

  1. @frontmcp/adapters HIGH CVE-2026-39885 1.4.1 → 2.3.0
  2. @frontmcp/sdk HIGH CVE-2026-39885 1.4.1 → 2.3.0
grade all A B C D E
  1. 1 E EvoMap/evolver 100
    • vuln 50
    • exposure 35
    • drift 20
  2. 2 E danny-avila/LibreChat 97
    • vuln 50
    • exposure 35
    • drift 20
  3. 3 E samanhappy/mcphub 93
    • vuln 37
    • exposure 32
    • drift 20
    • safety 12
  4. 4 E modelcontextprotocol/inspector 85
    • vuln 50
    • exposure 35
  5. 5 E evalsone/mcp-bridge 82
    • vuln 35
    • exposure 35
    • drift 12
  6. 6 E titan-agent 82
    • exposure 35
    • drift 20
    • safety 24
    • supply-chain 6
  7. 7 E askqai/claude-recall 80
    • exposure 35
    • drift 20
    • safety 25
  8. 8 E helius-labs/core-ai 80
    • exposure 35
    • drift 20
    • safety 25
  9. 9 D @claude-flow/cli 79
    • exposure 35
    • drift 20
    • inherited 14
    • safety 12
    • supply-chain 6
  10. 10 D figma-console-mcp 79
    • exposure 35
    • drift 12
    • inherited 15
    • safety 25
  11. 11 D HeliosNova/nova 77
    • exposure 35
    • drift 20
    • safety 25
  12. 12 D abrahamADSK/flame-mcp 77
    • exposure 35
    • drift 20
    • safety 25
  13. 13 D goklab/guardvibe 77
    • exposure 35
    • drift 20
    • safety 25
  14. 14 D heshengtao/comfyui_LLM_party 77
    • exposure 35
    • drift 12
    • safety 24
    • abandonment 6
  15. 15 D flowing-abyss/obsidian-hybrid-search 76
    • exposure 35
    • drift 20
    • safety 24