Official Advisory: This vulnerability was acknowledged and published by Nhost: GHSA-6c5x-3h35-vvw2
This repository documents a vulnerability in the Nhost Local MCP Server (`nhost mcp`). The server accepts requests without any inbound authentication and answers with a permissive CORS policy, so a web page served from any origin can issue requests to it from the victim's browser and read the responses.
A single visit to an attacker-controlled page while `nhost mcp` is running is enough for a full project takeover. Once the cross-origin requests execute, the attacker can:
- Exfiltrate production database contents
- Drop tables via raw SQL migrations
- Rewrite Hasura permissions
- Hijack your cloud PAT and Admin Secret
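To make the root cause concrete, the following is an added, illustrative Go example (not the Nhost CLI's own code) that places a permissive CORS middleware, reflecting any `Origin` and requiring no credentials, beside a hardened one that restricts CORS to an explicit origin allowlist and requires a per-session bearer token. The handler names, the `/mcp` path, the token value, and the `probe`/`isExploitable` helpers are assumptions made for the example; the requests are constructed in-process with `httptest`.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// toolHandler is a constructed stand-in for a local developer tool's
// JSON-RPC endpoint. It is not the Nhost MCP server's implementation.
func toolHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "application/json")
	fmt.Fprint(w, `{"jsonrpc":"2.0","result":"ok"}`)
}

// vulnerableCORS reflects whatever Origin the browser sends, allows credentials,
// and never authenticates the caller. Any web page can therefore drive the tool
// from the victim's browser and read the result.
func vulnerableCORS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if origin := r.Header.Get("Origin"); origin != "" {
			w.Header().Set("Access-Control-Allow-Origin", origin)
			w.Header().Set("Access-Control-Allow-Credentials", "true")
			w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
			w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
		}
		if r.Method == http.MethodOptions {
			w.WriteHeader(http.StatusNoContent)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// hardened answers CORS only for an explicit allowlist of local origins and,
// independently of CORS, requires a bearer token known only to the CLI session
// (hypothetical design; token is compared in constant time).
func hardened(token string, allowedOrigins map[string]bool, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		origin := r.Header.Get("Origin")
		if origin != "" && !allowedOrigins[origin] {
			// Unknown origin: no Access-Control-Allow-Origin is emitted, so the
			// browser refuses to expose the response, and preflight fails.
			http.Error(w, "forbidden origin", http.StatusForbidden)
			return
		}
		if origin != "" {
			w.Header().Set("Access-Control-Allow-Origin", origin)
			w.Header().Set("Vary", "Origin")
			w.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS")
			w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
		}
		if r.Method == http.MethodOptions {
			w.WriteHeader(http.StatusNoContent)
			return
		}
		got := r.Header.Get("Authorization")
		if subtle.ConstantTimeCompare([]byte(got), []byte("Bearer "+token)) != 1 {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// crossOriginResult summarizes how a handler treated a request sent from a page
// on a given origin.
type crossOriginResult struct {
	Status      int
	ACAO        string
	Credentials bool
}

// probe sends a constructed cross-origin POST (as a browser would after preflight)
// and records the status and CORS headers of the response.
func probe(h http.Handler, origin, authz string) crossOriginResult {
	req := httptest.NewRequest(http.MethodPost, "/mcp", nil)
	req.Header.Set("Origin", origin)
	req.Header.Set("Content-Type", "application/json")
	if authz != "" {
		req.Header.Set("Authorization", authz)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return crossOriginResult{
		Status:      rec.Code,
		ACAO:        rec.Header().Get("Access-Control-Allow-Origin"),
		Credentials: rec.Header().Get("Access-Control-Allow-Credentials") == "true",
	}
}

// isExploitable reports whether a page on origin could both execute the request
// and read a successful response: 2xx status plus an ACAO that admits that origin.
func isExploitable(res crossOriginResult, origin string) bool {
	return res.Status >= 200 && res.Status < 300 && (res.ACAO == origin || res.ACAO == "*")
}

func main() {
	attacker := "https://attacker.example" // constructed attacker origin
	vuln := vulnerableCORS(http.HandlerFunc(toolHandler))
	safe := hardened("dev-session-token", map[string]bool{"http://localhost:3000": true}, http.HandlerFunc(toolHandler))
	fmt.Println("vulnerable exploitable:", isExploitable(probe(vuln, attacker, ""), attacker))
	fmt.Println("hardened exploitable:  ", isExploitable(probe(safe, attacker, ""), attacker))
}
```

The origin allowlist only protects against browsers, which are the clients that send `Origin`; a non-browser client on the same host sends none, which is why the bearer token, not CORS, is the primary control in the hardened variant.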
See REPORT.md for the full technical breakdown, root cause analysis, PoC code, and remediation recommendations.
Discovered and reported by Skove (Anas) — [GitHub].
Coordinated disclosure with the Nhost security team.
Disclaimer: Published for educational and responsible disclosure purposes only. Do not use against systems you don't own.