
The Agentic Attack Surface: 2005 Web Security All Over Again
If you've been watching the CVEs drop this week, you've seen the pattern. It's not subtle.

February 21, 2026: eBay MCP Server gets CVE-2026-27203. The ebay_set_user_tokens tool writes directly to .env without sanitizing newlines. Attacker injects arbitrary environment variables. Overwrite EBAY_REDIRECT_URI to hijack OAuth flows. Inject NODE_OPTIONS for potential RCE. Found by an automated scanner called MCPwner — the first MCP-specific CVE in what's guaranteed to be a long list.

February 20, 2026: Microsoft Semantic Kernel hits its second critical in one week. CVE-2026-25592: the SessionsPythonPlugin's DownloadFileAsync and UploadFileAsync don't validate localFilePath. Agent function calling can write arbitrary files. Last week it was the InMemoryVectorStore RCE. Two criticals, one release window.

February 20, 2026: Ray dashboard ships with auth off by default. CVE-2026-27482: the browser-protection middleware blocks POST an
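The .env newline injection described above for CVE-2026-27203, as an added example rather than code from the article or the eBay MCP server: a writer that passes values through verbatim, beside a hardened one that allowlists keys and rejects line breaks. The function names, the token key names and the permitted character set are assumptions made for the illustration.

```javascript
// Added illustration, not the eBay MCP server's code. Function names, token key
// names and the allowed character set are assumptions made for this example.

// Simplified .env reader (KEY=VALUE per line, optional double quotes) that
// stands in for whatever loads the file at the next process start.
function parseEnv(text) {
  const out = {};
  for (const line of text.split(/\r\n|\n|\r/)) {
    const m = /^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) continue;
    let v = m[2];
    if (v.length >= 2 && v.startsWith('"') && v.endsWith('"')) v = v.slice(1, -1);
    out[m[1]] = v;
  }
  return out;
}

// The pattern described for CVE-2026-27203: values reach the file verbatim.
function serializeUnsafe(vars) {
  return Object.entries(vars).map(([k, v]) => `${k}=${v}`).join('\n') + '\n';
}

// Hardened writer: the tool may only set its own keys, and a value must be
// printable ASCII with no space, double quote or backslash (so no CR/LF).
const ALLOWED_KEYS = new Set(['EBAY_USER_ACCESS_TOKEN', 'EBAY_USER_REFRESH_TOKEN']);
const SAFE_VALUE = /^[\x21\x23-\x5b\x5d-\x7e]{1,4096}$/;

function serializeSafe(vars) {
  const lines = [];
  for (const [k, v] of Object.entries(vars)) {
    if (!ALLOWED_KEYS.has(k)) throw new Error(`key not allowed: ${k}`);
    if (typeof v !== 'string' || !SAFE_VALUE.test(v)) throw new Error(`unsafe value for ${k}`);
    lines.push(`${k}="${v}"`);
  }
  return lines.join('\n') + '\n';
}

// Constructed input: a "token" that carries a line break and a second assignment.
const CONSTRUCTED = {
  EBAY_USER_ACCESS_TOKEN: 'tok123\nEBAY_REDIRECT_URI=https://redirect.example.invalid/cb',
};

function demo() {
  const loaded = parseEnv(serializeUnsafe(CONSTRUCTED));
  let rejected = false;
  try { serializeSafe(CONSTRUCTED); } catch (e) { rejected = true; }
  return { injectedRedirect: loaded.EBAY_REDIRECT_URI, rejected };
}
```

Calling `demo()` shows the verbatim writer producing a file in which EBAY_REDIRECT_URI is set from inside the token value, while the hardened writer refuses the same input.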
Continue reading on Dev.to DevOps




