Security · 2h ago
MCP Access Control Bug Found and Automated Scanner Built to Catch It
A developer found an authorization flaw in their own governed MCP server: a support role whose responses had the billing tier redacted could still pass billing tier as a query filter, and the filtered results revealed the hidden tiers anyway. Output redaction alone did not close the leak, because the filter turned the hidden field into an oracle. Existing MCP security scanners missed the bug because they only read static tool manifests, not the server's runtime behaviour. The author built Siege, a differential scanner that calls a live MCP server as several different roles and compares the responses to detect authorization leaks of this kind.
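The bug class described above, reduced to its essentials as an added example (this is not Siege's code nor the author's server; the customer records, the role policy and the tool functions are constructed for illustration). The leaky tool applies filters before redaction, so a role that never sees `billing_tier` can still learn it by filtering on each candidate value; the hardened variant rejects filters on fields the role may not read. The differential probe at the end detects the leak the same way a role-relative scanner would: it calls the tool as the restricted role with each candidate value and reports any value whose response differs from a filter that can match nothing.

```python
"""Constructed example: filter-based inference of a redacted field,
a hardened tool that refuses such filters, and a differential probe
that detects the leak by exercising the tool as a restricted role."""

# Constructed sample data (not from the article).
CUSTOMERS = [
    {"id": 1, "name": "Acme", "billing_tier": "enterprise"},
    {"id": 2, "name": "Bolt", "billing_tier": "free"},
    {"id": 3, "name": "Cray", "billing_tier": "pro"},
]

# Hypothetical role policy: the fields each role is allowed to read.
VISIBLE_FIELDS = {
    "admin": {"id", "name", "billing_tier"},
    "support": {"id", "name"},
}


def list_customers_leaky(role, filters):
    """Vulnerable pattern: filters are applied to the full records, then
    the result is redacted. Any field, hidden or not, works as a filter."""
    rows = [c for c in CUSTOMERS
            if all(c.get(k) == v for k, v in filters.items())]
    visible = VISIBLE_FIELDS[role]
    return [{k: v for k, v in c.items() if k in visible} for c in rows]


def list_customers_hardened(role, filters):
    """Hardened pattern: a role may only filter on fields it may read.
    Rejecting (rather than silently dropping) the filter keeps the
    behaviour explicit and easy to test for."""
    hidden = set(filters) - VISIBLE_FIELDS[role]
    if hidden:
        raise PermissionError(
            f"role {role!r} may not filter on {sorted(hidden)}")
    return list_customers_leaky(role, filters)


def infers_hidden_field(tool, role, field, candidates,
                        sentinel="__no_such_value__"):
    """Differential probe: which candidate values of `field` can `role`
    confirm exist, even though `field` is hidden from it?

    Compares the response to each candidate filter against the response
    to a sentinel value that matches no record. If the two differ, the
    server honoured a filter on a field the role cannot read, so the
    role learns something about that field. Returns the set of values
    the role can infer; an empty set means no oracle was found."""
    if field in VISIBLE_FIELDS[role]:
        return set()  # field is readable by this role; nothing is hidden
    try:
        control = tool(role, {field: sentinel})
    except PermissionError:
        return set()  # the server refuses hidden-field filters outright
    leaked = set()
    for value in candidates:
        try:
            response = tool(role, {field: value})
        except PermissionError:
            continue
        if response != control:
            leaked.add(value)
    return leaked


if __name__ == "__main__":
    tiers = ["free", "pro", "enterprise"]
    print("leaky:", infers_hidden_field(list_customers_leaky,
                                        "support", "billing_tier", tiers))
    print("hardened:", infers_hidden_field(list_customers_hardened,
                                           "support", "billing_tier", tiers))
```

Run as the support role, the probe reports every real tier against the leaky tool and nothing against the hardened one. Note that a manifest-only scanner sees the same tool description for both variants; only calling the tool as the restricted role distinguishes them, which is the point the article makes.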
Meridian48 take
The story highlights a gap in MCP security tooling: static analysis of tool manifests cannot catch runtime authorization flaws such as inference through query filters, and Siege fills that niche with a practical, role-relative approach that compares what a live server returns to different roles.
Read the full reporting
I broke my own governed MCP server by hand, then built the scanner that catches the class →
DEV Community
Tags: mcp-security, authorization, scanner