1. SOAR MCP Integration Leaks Internal API URLs Through Error Messages, Aiding Reconnaissance
A security researcher has identified an information disclosure vulnerability in the SOAR (Security Orchestration, Automation and Response) MCP (Model Context Protocol) integration, where failed API calls return error messages containing full internal REST API URLs. The flaw exposes the SOAR platform's hostname and exac...