Obot has an authorization bypass in /mcp-connect/{id} that allows any authenticated user to use any registered MCP server — GHSA-VW82-7FV8-R6GP

Summary

## Summary If you have the MCP Server ID, you can connect to the MCP server even if you don't have permissions to the server. The MCP gateway endpoint `/mcp-connect/{mcp_id}` does not enforce Access Control Rules (ACRs). Any authenticated Obot user who possesses an MCP Server ID can connect to that server through the gateway — including making tool calls — regardless of whether they are a member of any MCP Registry…

Product

go: github.com/obot-platform/obot

What to do

General, cautious steps (verify details in the official source):

• Prioritize patching or mitigation immediately (treat as actively risky).
• Identify affected product versions in your inventory and verify whether you are impacted.
• Apply vendor patches/updates or recommended mitigations as soon as available.
• Read the official advisory for exact affected versions and remediation steps.

Official advisory

• Read the official source

Related advisories