CVE-2026-12210 | universal-tool-calling-protocol python-utcp 1.1.0 utcp-gql/utcp-websocket server-side request forgery (Issue 86)

A vulnerability was found in universal-tool-calling-protocol python-utcp 1.1.0. It has been classified as critical. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery.

This vulnerability is identified as CVE-2026-12210. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More