Cybersecurity analysts have identified a significant security flaw in the artificial intelligence (AI) firm Anthropic’s Model Context Protocol (MCP) Inspector initiative that might lead to remote code execution (RCE) and enable a perpetrator to obtain full control over the systems.
The flaw, designated as CVE-2025-49596, possesses a CVSS rating of 9.4 out of a highest potential of 10.0.
“This represents one