CVE-2026-48814
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk21th percentile — higher than 21% of all known CVEs
Summary
Network-AI is a TypeScript/Node.js multi-agent orchestrator that in versions 5.7.1 and earlier allowed unauthenticated cross-origin invocation of MCP tools due to an empty default secret. This issue was partially addressed in version 5.4.5, but the empty-default-secret flaw remained, allowing unauthorized access to all 22 MCP tools.
Risk Assessment
The organization is at significant risk as any non-browser caller could invoke MCP tools without any credentials, potentially leading to unauthorized access to the system.
Recommendation
It is recommended to upgrade to version 5.7.2 to eliminate the empty default secret vulnerability and ensure proper security for the SSE MCP server.
Original NVD description (English source)
Network-AI is a TypeScript/Node.js multi-agent orchestrator. In versions 5.7.1 and earlier, the MCP SSE server allows unauthenticated cross-origin MCP tool invocation due to an empty default secret. This issue was partially addressed by CVE-2026-46701 in version 5.4.5 by closing the CORS flaw (with Access-Control-Allow-Origin now set only for localhost origins), but the empty-default-secret flaw described in the title remained: the SSE MCP server still defaulted to an empty secret, _isAuthorized() still returned true when the secret was empty, and a non-loopback bind only produced a warning. As a result, the server still ran fully unauthenticated by default. Any non-browser caller (for example, curl, SSRF, or a 0.0.0.0 bind) could invoke all 22 MCP tools (config_set, agent_spawn, blackboard_write, token_*) with no credentials. This issue was fixed in version 5.7.2.

