India, July 10 -- Security teams should prioritize robust security policies before deploying AI tools to mitigate these inherent risks.

Tenable Research has identified a critical remote code execution vulnerability (CVE-2025-49596) in Anthropic's widely adopted MCP Inspector, an open-source tool crucial for AI development. With a CVSS score of 9.4, this flaw leverages default, insecure configurations, leaving organisations exposed by design. MCP Inspector is a popular tool with over 38,000 weekly downloads on npmjs and more than 4,000 stars on GitHub.

"Security teams and developers should upgrade MCP Inspector to version 0.14.1 or later. This update enforces authentication, binds services to localhost, and restricts trusted origins, clos...