DeepTutor before version 1.4.10 contains an authorization bypass vulnerability that allows low-privilege users to invoke unrestricted MCP tools due to the allowedmcptools function returning None instead of a denied result when mcptools is omitted from a user's grant in deeptutor/multiuser/tool_access.py. Attackers or prompt-injected content acting within a user session can enumerate and invoke any configured MCP tool, including filesystem, shell, and browser servers, gaining unauthorized access to sensitive deployment resources.
{
"cna_assigner": "VulnCheck",
"cwe_ids": [
"CWE-862"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/58xxx/CVE-2026-58168.json"
}