@yoda.digital/gitlab-mcp-server's SSE transport has no authentication and wildcard CORS, exposing all 86 GitLab tools
- Severity: High
Description
A review of mcp-gitlab-server at commit 80a7b4cf3fba6b55389c0ef491a48190f7c8996a uncovered that the SSE HTTP transport — advertised in the README and comparison table as a differentiating feature — runs with no authentication and wildcard CORS on every endpoint. The maintainers’ own roadmap confirms auth is a known gap.
Recommendation
Update the @yoda.digital/gitlab-mcp-server package to the latest compatible version. Version details:
- Affected version(s): < 0.6.0
- Patched version(s): 0.6.0
- Tags: npm, @yoda.digital/gitlab-mcp-server
Last updated on May 09, 2026