{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T11:59:25.145","vulnerabilities":[{"cve":{"id":"CVE-2026-31841","sourceIdentifier":"security-advisories@github.com","published":"2026-03-12T17:16:51.050","lastModified":"2026-06-17T10:34:33.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0."},{"lang":"es","value":"Hyperterse es un framework MCP centrado en herramientas para construir superficies de backend listas para IA a partir de configuración declarativa. Antes de la v2.2.0, la herramienta de búsqueda permite a los LLM buscar herramientas usando lenguaje natural. Al devolver resultados, Hyperterse también devolvía las consultas SQL sin procesar, exponiendo sentencias que se suponía que debían ejecutarse bajo el capó y protegidas de ser mostradas públicamente. Este problema ha sido solucionado a partir de la v2.2.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"hyperterse","product":"hyperterse","versions":[{"version":">= 2.0.0, < 2.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-12T17:50:05.033697Z","id":"CVE-2026-31841","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-433"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hyperterse:hyperterse:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.0","matchCriteriaId":"24A50F24-DD95-48E6-A2B8-B89E1D7E7CCD"}]}]}],"references":[{"url":"https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}}]}