@yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools
- Severity:
- High
Description
A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a differentiating feature — runs with no authentication and wildcard CORS on every endpoint. The maintainers’ own roadmap confirms auth is a known gap.
Recommendation
Update the @yoda.digital/gitlab-mcp-server package to the latest compatible version. Followings are version details:
- Affected version(s): < 0.6.0
- Patched version(s): 0.6.0
References
Related Issues
- yii2-mcp-server has a Command Injection Issue - CVE-2026-7600
- Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools - CVE-2025-9611
- Parse Server has a SQL injection via query field name when using PostgreSQL - CVE-2026-32234
- Parse Server has SQL Injection through aggregate and distinct field names in PostgreSQL adapter - CVE-2026-33539
You might also like:
- Tags:
- npm
- @yoda.digital/gitlab-mcp-server
Anything's wrong? Let us know Last updated on May 09, 2026


