PatchSiren

universal-tool-calling-protocol CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW universal-tool-calling-protocol CVE published 2026-06-15

CVE-2026-12210

A Server-Side Request Forgery (SSRF) vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used.