GHSA-7hgr-7h44-33w2: CamoFox MCP: Unauthenticated HTTP MCP browser-control surface

camofox-mcp exposed a Streamable HTTP MCP endpoint at /mcp with rate limiting but no inbound MCP-layer authentication. When HTTP mode was enabled, any client that could reach /mcp could list and invoke browser-control tools.

If CAMOFOX_API_KEY was configured, the server then forwarded that server-side key to the underlying camofox-browser backend. That means an unauthenticated MCP caller could exercise the server’s browser authority without knowing the backend browser API key.

Reviewed vulnerable commit: 10e3ac08cb50d830eb4ee00a789229f02f28a1a4 Fixed commit observed on main: 599f56ee40f8062aeca541c251ed1d39fb437f50 Fixed release observed: v1.13.2 Suggested severity: High, with the caveat that default loopback-only deployments reduce practical exposure.