CVE-2026-31841
Last modified
CVE-2026-31841 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. EPSS estimates a 0.18% chance of exploitation in the next 30 days.
Description
Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hyperterse | Hyperterse | < 2.2.0 |
References
- https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0Product, Release Notes
- https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpvPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-31841?
How severe is CVE-2026-31841?
How do I fix CVE-2026-31841?
Are you affected by CVE-2026-31841?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST