WeSearch

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

· 0 reactions · 0 comments · 2 views
200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

Anthropic created the Model Context Protocol as the open standard for AI agent-to-tool communication. OpenAI adopted it in March 2025 . Google DeepMind followed. Anthropic donated MCP to the Linux Foundation in December 2025. Downloads crossed 150 million. Then four researchers at OX Security found an architectural problem that affects all of them. MCP's STDIO transport, the default for connecting an AI agent to a local tool, executes any operating system command it receives. No sanitization. No

Original article
VentureBeat
Read full at VentureBeat →
Anonymous · no account needed
Share 𝕏 Facebook Reddit LinkedIn Threads WhatsApp Bluesky Mastodon Email

Discussion

0 comments

More from VentureBeat

Salesforce launches Agentforce Operations to fix the workflows breaking enterprise AI
VentureBeat·2
The AI scaffolding layer is collapsing. LlamaIndex's CEO explains what survives.
VentureBeat·5
xAI launches Grok 4.3 at an aggressively low price and a new, fast, powerful voice cloning suite
VentureBeat·6
How to build custom reasoning agents with a fraction of the compute
VentureBeat·19
Hidden IT problems are quietly creating risk, shadow IT, and lost productivity
VentureBeat·4
Alibaba's Metis agent cuts redundant AI tool calls from 98% to 2% — and gets more accurate doing it
VentureBeat·9