Leading AppSec provider introduces the first free MCP Server Security Hub and self-serve vibe coding environment assessment to help security teams navigate emerging attack surface
TEL AVIV, Israel – Backslash Security, the modern application security platform for the AI era, today published the findings from an analysis of thousands of public Model Context Protocol (MCP) servers, revealing that hundreds of MCPs have security vulnerabilities that could expose private user data if left unchecked. To combat the risks stemming from this new and largely unprotected attack surface, the company has introduced the first publicly searchable MCP security database, the MCP Server Security Hub, and a self-service security assessment tool for vibe coding environments.
Introduced in late 2024, MCP servers have proven to be an easy-to-use extension of LLMs, due to the simplicity of their protocols, with the number of MCP servers now exceeding 15,000. The massive rate of adoption is, in part, made possible by the broad availability of independently developed MCPs, which introduces significant risk to both IT and development environments — further exacerbated by limited security knowledge of this new technology.
Backslash Security investigated the real-world security posture of more than 7,000 MCP servers to determine how the growth factors of this new technology contributed to security risks. The analysis revealed a large number of dangerously misconfigured or hastily built MCP servers and identified two main categories of vulnerabilities, which, when both are found in the same server, could be catastrophic:
- MCP ‘NeighborJack’ Vulnerability: Hundreds of MCP servers were explicitly bound to all network interfaces (0.0.0.0), making them accessible to anyone on the same local network. This was the most common vulnerability found, with hundreds of cases discovered.
- Excessive Permissions & OS Injection Vulnerability: Dozens of MCP servers allowed arbitrary command execution on the host machine.
The Backslash team observed several MCP servers that contained both vulnerabilities, allowing any malicious actor on the same network to gain full control of the host machine running the server. Malicious actors that come across these MCP servers would have full access to run any command, scrape memory, or impersonate tools used by AI agents.
Acknowledging that the utility MCP servers offer will make them a staple tool for vibe coders, Backslash Security has created the MCP Server Security Hub. It is the first and only public resource to score publicly available MCP servers based on their risk posture. The dynamically maintained and searchable central database contains over 7,000 MCP server entries, with new entries added daily. Each entry provides detailed information on the security risks associated with a given MCP server, including malicious patterns, code weaknesses, and detectable attack vectors. It also provides the MCP server origin information and documentation.
Going beyond MCP server risk, Backslash has also launched a free self-assessment tool for vibe coding environments to enable security teams to gain visibility into the vibe coding tools used by software developers in their organizations, and continuously gauge the risk posed by LLM models, MCP servers, and IDE AI rules in use.
Backslash Security customers already enjoy this visibility into their vibe coding environments with an intelligent dashboard, along with the addition of active prompt rules and Backslash’s own MCP server for assessing code risk.
“Our research highlights several prevalent MCP server weaknesses that can open enterprise environments to threat vectors including remote code execution, data exposure, and network traversal,” said Yossi Pik, co-founder and CTO, Backslash Security. “It’s critical to give developers and vibe coders the tools and guidance to safely navigate this emerging attack service, which is why we’ve created the MCP Server Security Hub. Developers will continue to tap MCP servers’ flexibility and utility, so we wanted to give the community a safer means of doing so.”
- Further insights from Backslash Security’s MCP server research can be found in our latest blog post.
- Visit the publicly available MCP Server Security Hub to see the security rankings of 7,000+ publicly available servers, and register for a free self-assessment of your vibe coding environment here.
About Backslash
Backslash Security offers a fresh approach to application security by creating a digital twin of your application, modeled into an AI-enabled App Graph. It filters “triggerable” vulnerabilities, categorizes security findings by business process, secures AI-generated code, and simulates the security impact of updates, using a fully agentless approach. Backslash dramatically improves AppSec efficiency, eliminating the frustration caused by legacy SAST and SCA tools. Forward-looking organizations use Backslash to modernize their application security for the AI era, shorten remediation time, and accelerate time-to-market of their applications. For more information, visit https://backslash.security.
