Windows-MCP: HTTP transports expose unauthenticated PowerShell control with wildcard CORS
High severity
GitHub Reviewed
Published
May 14, 2026
in
CursorTouch/Windows-MCP
•
Updated Jul 9, 2026
Give feedback on Dependabot alerts