← back
CVE-2026-58446

Presenton < 0.8.8-beta - Authentication Bypass of Session Auth via Unprotected MCP Endpoint

CVSS 6.9 MEDIUMCWE-306
Vexday Risk Score
30Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 6.9EPSS KEV nãoPoC públicaNuclei Metasploit Patch referenciado
Lifecycle
30 Jun 2026Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication (AUTH_USERNAME/AUTH_PASSWORD), is reachable unauthenticated at /mcp because the nginx front-end does not apply the auth_request gate to that path and the MCP server auto-mints a valid internal session token for the configured user. A remote unauthenticated attacker can invoke MCP tools such as generate_presentation, performing authenticated application actions, consuming the operators configured LLM API keys, and creating presentations in the operators instance. The Electron desktop build is not affected (MCP disabled).
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Affected products
presenton · presenton
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →