CVE lookup
CVE-2026-27203
Pruva has a verified reproduction for CVE-2026-27203: eBay MCP Server Environment Variable Injection via Crafted Prompts. The canonical evidence record is REPRO-2026-00115.
REPRO
REPRO-2026-00115
Package
@anthropic-ai/ebay-mcp-server · npm
Severity
CRITICAL
Status
published