ctipilot.ch

yoda-digital mcp-gitlab-server < 0.6.0 — no-auth SSE RPC endpoint bound to 0.0.0.0 with wildcard CORS exposes operator GitLab PAT (CVSS 4.0 = 9.2; GHSA-8jr5-6gvj-rfpf); noted in § 7 (niche package)

cve · CVE-2026-44895

  • Coverage timeline: 1 (first 2026-05-27 → last 2026-05-27)
  • Briefs: 1 (1 distinct)
  • Sources cited: 8 (4 hosts)
  • Sections touched: 0
  • Co-occurring entities: 0 (no co-occurrence)

Story timeline

  1. 2026-05-27: CTI Daily Brief — 2026-05-27

Source distribution

  • attack.mitre.org: 5 (62%)
  • advisories.ncsc.nl: 1 (12%)
  • bitdefender.com: 1 (12%)
  • sentinelone.com: 1 (12%)

Items in briefs about yoda-digital mcp-gitlab-server < 0.6.0 — no-auth SSE RPC endpoint bound to 0.0.0.0 with wildcard CORS exposes operator GitLab PAT (CVSS 4.0 = 9.2; GHSA-8jr5-6gvj-rfpf); noted in § 7 (niche package)

No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.