COOEY // HUBcompliance · community · intelligence

FAIL › dossier

mcp toolbox for databases product

1
failure events
0
zero-days
0
RCEs
0
on KEV
1
critical
35
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 1 events

DateEventSevFlagsShameSummary
2026-06-29 CVE-2026-11720 critical 35 A path traversal vulnerability exists in the HTTP tool URL builder of googleapis/mcp-toolbox. When constructing downstream API requests, the URL builder substitutes user-controlled pathParams into the configured tool path and parses the resulting string as a relative URL. While