Security Audit of 670 MCP Servers Finds 78% Have Significant Vulnerabilities
A security scan of 670 Model Context Protocol (MCP) servers revealed that 78% have significant security issues, with an average score of just 53 out of 100. Only 9 servers were deemed production-safe, while 85 were found to have no authentication in place. The audit evaluated servers across four security checks, with popular tools like a Postmark server boasting 1,500 weekly downloads among those flagged. A small number of servers, including github-mcp-server, scored well, reaching as high as 85. Developers can assess their own MCP servers using the scanning tool available at utir.dev, with the project's source code published on GitHub.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.