What happened
Two CVEs were published on 2026-06-23 against the Foreman MCP server (foreman-mcp-server). CVE-2026-12112 (CVSS 7.8) is a session-management flaw: the server caches authenticated client connections and serves later requests that present the same non-secret session ID without re-validating the caller, so an unauthenticated attacker who knows or guesses that ID can hijack an active administrative session. CVE-2026-9073 (CVSS 6.2) covers two logging paths that expose secrets: session identifiers, which the server treats as authentication credentials, are written at INFO level, and full authentication data is written at DEBUG level.
Why it matters
Foreman manages the complete lifecycle of servers and infrastructure, so an administrative Foreman session is effectively control of every host it manages. With these two flaws in the MCP server, the AI orchestration layer becomes the weak point: an AI agent connecting to Foreman MCP could be manipulated into leaking an administrative session, or have its own session taken over by an unauthenticated attacker who obtains or guesses the session ID, and anyone who can read the server's INFO-level logs obtains session identifiers that the server accepts as credentials. Either path compromises the whole managed infrastructure.
Attack vector
(CVE-2026-12112) An unauthenticated attacker presents a non-secret session ID. The server has cached the authenticated client connection under that ID and re-uses it without re-validating the caller, so the attacker is served as the active administrative session. (CVE-2026-9073) Session identifiers, which the server treats as authentication credentials, are written to the log at INFO level; with debug logging enabled, full authentication data is written as well. A session ID recovered from those logs is exactly the value the first flaw accepts.
Affected systems
foreman-mcp-server (all versions prior to RHSA-2026:28438 patch)
Mitigation
Apply Red Hat errata RHSA-2026:28438. Advisory: https://access.redhat.com/errata/RHSA-2026:28438
Because session identifiers were written at INFO level, logs produced before the patch should be treated as containing credentials: invalidate or rotate any session that may appear in them, restrict who can read the log files, and do not run the server at DEBUG level in production, where full authentication data is written.
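Two practitioner checks for the logging side of CVE-2026-9073, as an added example that is not code from foreman-mcp-server: a logging filter that masks session identifiers and authentication data before any handler writes them, and a scan over existing log lines to find entries that already carry such values and therefore need their sessions rotated. The field names in the pattern (session_id, authorization, password, token) and the sample log lines are constructed; the real server's log format is not given in the advisory, so adjust the pattern to it.

```python
"""Log redaction filter and leaked-secret scan. Added example, not
foreman-mcp-server code; field names and sample lines are constructed."""
import logging
import re

# Constructed pattern: key, separator, optional auth scheme, secret value.
SECRET_FIELD_RE = re.compile(
    r'(?i)\b(session[_-]?id|authorization|password|token)\b'
    r'(\s*[:=]\s*)((?:bearer|basic)\s+)?([^\s,;"]+)'
)


def redact(text: str) -> str:
    """Replace the secret value after each recognised field with [REDACTED],
    keeping the field name and auth scheme so the line stays readable."""
    def mask(m: re.Match) -> str:
        scheme = m.group(3) or ""
        return f"{m.group(1)}{m.group(2)}{scheme}[REDACTED]"
    return SECRET_FIELD_RE.sub(mask, text)


class RedactingFilter(logging.Filter):
    """Rewrites the fully formatted message before the handler emits it,
    so INFO and DEBUG records are scrubbed alike."""
    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


class ListHandler(logging.Handler):
    """Collects formatted lines in memory (stands in for a file handler)."""
    def __init__(self) -> None:
        super().__init__()
        self.lines: list[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.lines.append(self.format(record))


def build_logger(name: str = "mcp-demo") -> tuple[logging.Logger, ListHandler]:
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)            # even DEBUG output passes through the filter
    handler = ListHandler()
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    handler.addFilter(RedactingFilter())      # handler-level filter runs before emit()
    logger.addHandler(handler)
    return logger, handler


# Constructed sample of pre-patch log lines; the Basic value encodes "admin:example".
SAMPLE_LOG_LINES = [
    "2026-06-23T10:00:01 INFO client connected session_id=4f9a2c host=db01",
    "2026-06-23T10:00:02 DEBUG authorization: Basic YWRtaW46ZXhhbXBsZQ==",
    "2026-06-23T10:00:03 INFO host db01 rebuilt",
]


def find_leaked_secrets(lines: list[str]) -> list[tuple[int, str]]:
    """Return (line number, field name) for every line carrying a secret value;
    sessions named on those lines should be rotated and the file access-restricted."""
    return [(n, m.group(1).lower())
            for n, line in enumerate(lines, 1)
            for m in SECRET_FIELD_RE.finditer(line)]


def demo() -> list[str]:
    logger, handler = build_logger()
    logger.info("client connected session_id=%s host=%s", "4f9a2c", "db01")
    logger.debug("authorization: Bearer %s", "eyJhbGciOi.example.sig")
    return handler.lines
```

Install the filter on every handler, not on the logger: logger-level filters do not apply to records that reach a handler through propagation from child loggers, so a file handler attached at the root would still write the raw value.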