Critical RCE Flaw Hits Anthropic’s MCP Inspector Tool
Vulnerability Overview On July 1, cybersecurity researchers discovered a critical remote code execution (RCE) vulnerability, CVE‑2025‑49596, within Anthropic’s open‑source Model Context Protocol (MCP) Inspector. This flaw allows attackers to execute arbitrary commands on developer systems by exploiting the default, insecure configuration of the Inspector tool. With a CVSS score of 9.4 out of 10, it’s…