security

Security

Every MCP risk signal in one place — CVEs, tool safety, drift, naming, licenses. Heuristic: review signals, not verdicts.

45 CRITICAL

3647 HIGH

531 MEDIUM

1205 LOW

11 NONE

Risk: servers ranked by their composite exposure score — synthesised from CVEs, inferred permissions, drift, supply-chain and abandonment signals. Heuristic and banded; a high grade is a 'review this' signal, never a verdict.

patchable now2 servers · fix published, not adopted

A fix already ships upstream but the server still runs an older, vulnerable version — remediation lag, actionable today.

@frontmcp/adapters HIGH CVE-2026-39885 1.4.1 → 2.3.0
@frontmcp/sdk HIGH CVE-2026-39885 1.4.1 → 2.3.0

all A B C D E

1 D @claude-flow/cli 79
- exposure 35
- drift 20
- inherited 14
- safety 12
- supply-chain 6
2 D figma-console-mcp 79
- exposure 35
- drift 12
- inherited 15
- safety 25
3 D HeliosNova/nova 77
- exposure 35
- drift 20
- safety 25
4 D abrahamADSK/flame-mcp 77
- exposure 35
- drift 20
- safety 25
5 D goklab/guardvibe 77
- exposure 35
- drift 20
- safety 25
6 D heshengtao/comfyui_LLM_party 77
- exposure 35
- drift 12
- safety 24
- abandonment 6
7 D flowing-abyss/obsidian-hybrid-search 76
- exposure 35
- drift 20
- safety 24
8 D pvliesdonk/markdown-vault-mcp 76
- exposure 35
- drift 20
- safety 24
9 D frsorrentino/chrome-bridge 73
- exposure 28
- drift 20
- safety 25
10 D @diskd-ai/email-mcp 72
- exposure 35
- inherited 15
- safety 25
11 D aiwg 72
- exposure 35
- drift 12
- inherited 15
- safety 24
12 D alibabacloud-devops-mcp-server 72
- exposure 28
- drift 12
- inherited 15
- safety 25
13 D juspay/neurolink 72
- exposure 35
- drift 12
- inherited 15
- safety 24
14 D warunacds/apple-asc-mcp 72
- exposure 35
- drift 12
- safety 25
15 D @mcp-guardian/server 71
- exposure 35
- drift 12
- inherited 15
- safety 12

Security

Navigate

Stream

Display