Security Flaw in Serena MCP Toolkit by OraiOS
CVE-2026-49471
8.3HIGH
What is CVE-2026-49471?
The Serena MCP toolkit by OraiOS, prior to version 1.5.2, contains a vulnerability where its web dashboard's built-in Flask API is accessible without authentication on a fixed port. This exposes the system to DNS rebinding attacks, allowing attackers to write arbitrary data to the agent's memory, leading to a chain of events that can execute shell commands with elevated privileges upon the victim visiting a malicious webpage. This significant security issue has been remediated in version 1.5.2.
Affected Version(s)
serena < 1.5.2
