PatchSiren

CVE-2026-49357 dtwang CVE debrief

CVE-2026-49357 is a high-severity vulnerability (CVSS 8.8) in the Line Desktop MCP project, which lets users operate the LINE Desktop application on Windows or Mac via MCP. The vulnerability arises from the `--http-mode` Streamable HTTP transport, which exposes the MCP `/mcp` endpoint without authentication. Any network client that can reach the port can initialize a session, list tools, and call tools that read LINE Desktop chat history or send LINE messages through the already logged-in desktop application. Defenders should prioritize patching to limit exposure.

Vendor: dtwang
Product: line-desktop-mcp
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-19
Original CVE updated: 2026-06-22
Advisory published: 2026-06-19
Advisory updated: 2026-06-22

Who should care

Organizations using Line Desktop MCP, especially those with sensitive chat history or messaging functionality, should prioritize patching to prevent unauthorized access. Additionally, defenders responsible for securing network ports and monitoring for suspicious activity should be aware of this vulnerability.

Technical summary

The Line Desktop MCP project, unaffiliated with the official line-bot-mcp-server, supports a `--http-mode` Streamable HTTP transport for use with clients like n8n. In this mode, the server binds to `0.0.0.0` and exposes the MCP `/mcp` endpoint without an MCP-layer authentication check. Prior to version 1.1.2, any network client that can reach the port can initialize a session, list tools, and call tools that read LINE Desktop chat history or send LINE messages through the already logged-in desktop application. The vulnerability is fixed in version 1.1.2.

Defensive priority

High priority due to unauthenticated access and potential for sensitive data exposure.

Recommended defensive actions

  • Apply the patch by updating to version 1.1.2 or later
  • Inventory and review network-exposed Line Desktop MCP instances
  • Limit exposure by restricting access to the MCP port
  • Monitor for suspicious activity on the MCP port
  • Review and update compensating controls for network security
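
One way to monitor the MCP port, shown as an added example that is not code from the line-desktop-mcp project: it reads request logs from a proxy or sensor in front of the port and flags any source outside an allowlist that reached `/mcp`, rating it by the furthest MCP step it took. The JSON log format, field names, allowlist and sample addresses are assumptions constructed for illustration.

```python
import ipaddress
import json

# Assumption: only the local machine and one automation host should reach /mcp.
ALLOWED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.5.10/32")]
# MCP JSON-RPC methods, ranked by what an unauthenticated caller gains.
RANK = {"initialize": 1, "tools/list": 2, "tools/call": 3}
SEVERITY = {0: "low", 1: "low", 2: "medium", 3: "high"}

# Constructed sample log (hypothetical format, not output of line-desktop-mcp).
SAMPLE_LOG = """\
{"ts":"2026-06-20T09:00:01Z","src":"10.0.5.10","path":"/mcp","rpc":"tools/call"}
{"ts":"2026-06-20T09:02:11Z","src":"10.0.7.44","path":"/mcp","rpc":"initialize"}
{"ts":"2026-06-20T09:02:12Z","src":"10.0.7.44","path":"/mcp","rpc":"tools/list"}
{"ts":"2026-06-20T09:02:15Z","src":"10.0.7.44","path":"/mcp","rpc":"tools/call"}
{"ts":"2026-06-20T09:05:40Z","src":"192.168.1.77","path":"/mcp","rpc":"initialize"}
{"ts":"2026-06-20T09:06:00Z","src":"192.168.1.77","path":"/health","rpc":null}
not-json garbage line
"""

def is_allowed(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # missing or malformed source is treated as untrusted
    return any(addr in net for net in ALLOWED)

def find_unexpected_mcp_clients(log_text):
    """Group /mcp requests from non-allowlisted sources and rate each source."""
    hits = {}
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip lines that are not JSON records
        if not isinstance(rec, dict) or rec.get("path") != "/mcp":
            continue
        src = str(rec.get("src", ""))
        if is_allowed(src):
            continue
        hit = hits.setdefault(src, {"first_seen": rec.get("ts"), "methods": []})
        hit["methods"].append(rec.get("rpc"))
    for hit in hits.values():
        # A source that reached tools/call may have read chats or sent messages.
        hit["severity"] = SEVERITY[max(RANK.get(m, 0) for m in hit["methods"])]
    return hits

if __name__ == "__main__":
    for src, hit in find_unexpected_mcp_clients(SAMPLE_LOG).items():
        print(src, hit["severity"], hit["first_seen"], hit["methods"])
```

A "high" result means the source issued tool calls, so chat history and sent messages on that desktop should be reviewed for the period after `first_seen`.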

Evidence notes

The primary evidence for this vulnerability comes from the CVE record and the NVD detail page. The vulnerability affects Line Desktop MCP versions prior to 1.1.2. Defenders should verify the version of Line Desktop MCP in use and check for any exposed instances on the network.

This article is AI-assisted and based on the supplied source corpus.