ToolHive Secrets Exposure Vulnerability in Run Config Files

Vulnerability

A vulnerability in ToolHive versions prior to 0.0.33 causes secrets to be stored unintentionally in run configuration files. These files are used to restart stopped Model Context Protocol (MCP) server containers. As a result, an attacker with access to the user's home directory can read these secrets without needing to access the secrets store. Only secrets used in containers that had an active run configuration at the time are affected.

Impact

The vulnerability leads to a low-severity exposure of secrets, allowing unauthorized access to sensitive information stored in run configuration files.

Remediation

Users can upgrade to ToolHive version 0.0.33, which addresses this vulnerability. For those using earlier versions, it is recommended to stop and delete any running MCP servers and manually remove any run configuration files from the appropriate directory based on the operating system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.