Upgrade mcp-ssh-tool to version 2.1.1 or higher.
mcp-ssh-tool is a Model Context Protocol (MCP) SSH client server for remote automation.
Affected versions of this package are vulnerable to Timing Attack in the transfer-related filesystem handling process. An attacker can access unauthorized files or directories by bypassing local path policy enforcement and exploiting incomplete canonicalization and segment-boundary checks. Additionally, a timing side channel in HTTP bearer token comparison may allow an attacker to infer valid authentication tokens by measuring response times.
This vulnerability can be mitigated by avoiding exposure of HTTP transport beyond loopback, using strict filesystem policy configuration, restricting MCP client access to sensitive local transfer paths, and monitoring audit logs for unexpected transfer operations.
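
The two checks the advisory describes as incomplete (canonicalization with a segment-boundary test, and bearer token comparison) are sketched below in hardened form next to a weak path check. This is an added Node.js example, not mcp-ssh-tool's own code; the function names, the choice of Node.js and the temporary directory layout are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Weak policy check: prefix match on the raw string. No canonicalization, no
// segment boundary, so "<root>-secrets", ".." segments and symlinks all pass.
const isAllowedWeak = (root, candidate) => candidate.startsWith(root);

// Hardened check: canonicalize both sides (resolves "..", "." and symlinks),
// then require the root itself or a path below root + separator.
function isAllowedStrict(root, candidate) {
  try {
    const realRoot = fs.realpathSync(root);
    const real = fs.realpathSync(path.resolve(candidate));
    return real === realRoot || real.startsWith(realRoot + path.sep);
  } catch {
    return false; // missing or unreadable paths are denied in this sketch
  }
}

// Token check: plain `expected === presented` is not guaranteed to run in
// constant time. Hash both to a fixed length, then compare in constant time.
function tokenMatchesStrict(expected, presented) {
  const digest = (s) => crypto.createHash("sha256").update(String(s)).digest();
  return crypto.timingSafeEqual(digest(expected), digest(presented));
}

// Constructed sample tree: an allowed root, a sibling sharing its prefix,
// and a symlink inside the root that points at the sibling.
function demo() {
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), "policy-"));
  const root = path.join(tmp, "allowed");
  const sibling = path.join(tmp, "allowed-secrets");
  for (const dir of [root, sibling]) fs.mkdirSync(dir);
  fs.writeFileSync(path.join(root, "ok.txt"), "ok");
  fs.writeFileSync(path.join(sibling, "key.txt"), "constructed");
  fs.symlinkSync(sibling, path.join(root, "link"));
  const cases = {
    inside: path.join(root, "ok.txt"),
    sibling: path.join(sibling, "key.txt"),
    dotdot: root + "/../allowed-secrets/key.txt",
    symlink: path.join(root, "link", "key.txt"),
  };
  const out = Object.fromEntries(Object.entries(cases).map(([name, p]) =>
    [name, { weak: isAllowedWeak(root, p), strict: isAllowedStrict(root, p) }]));
  fs.rmSync(tmp, { recursive: true, force: true });
  return out;
}
```

A transfer destination that does not exist yet fails `realpathSync`; a fuller policy would canonicalize the nearest existing parent directory and apply the same boundary test to it.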