Vibe Coding
CVE-2026-30856 — WeKnora MCP Server Hijacks Tool Execution via Ambiguous Naming; MCPTox Shows 72.8% Attack Success Rate on o1-mini
GitLab Advisories published CVE-2026-30856 (March 6, 2026) disclosing that Tencent's WeKnora MCP server is vulnerable to tool execution hijacking: a malicious remote MCP server uses ambiguous tool naming combined with indirect prompt injection to intercept and redirect tool calls intended for legitimate servers. The concurrently published MCPTox benchmark tested 20 LLM agents against 45 real-world MCP servers (353 tools) and found o1-mini has a 72.8% attack success rate — with more capable models often more susceptible due to better instruction-following of injected payloads.
↳ Follow the thread