
fast-mcp-telegram Critical Flaw Lets Attackers Bypass Bearer Token Authentication
A critical path traversal vulnerability in fast-mcp-telegram, a popular MCP (Model Context Protocol) server for Telegram integration, allows remote attackers to bypass Bearer token authentication entirely and hijack the default Telegram session without ever knowing a valid token. The flaw, tracked as GHSA-rxw2-pc8j-vxwm, affects all versions up to and including 0.19.0, with a patch released […]
The post fast-mcp-telegram Critical Flaw Lets Attackers Bypass Bearer Token Authentication appeared first on Cyber Security News.