EINPresswire/ -- **Enkrypt AI**, a leader in AI security and compliance, today announced the launch of **MCP Scanner**, the first security platform designed specifically for Model Context Protocol (MCP) servers. The announcement follows an industry first study by Enkrypt AI that revealed nearly **one in three MCP servers contain critical vulnerabilities**.

In an analysis of more than **1,000 MCP servers** across GitHub, enterprise registries, and open source deployments, the company found:

- **32 percent contained at least one critical vulnerability**
- Servers averaged **5.2 vulnerabilities each**
- Some popular projects had **20 or more flaws**, including command injection and authorization bypasses
- **Zero percent included security documentation**

MCP has quickly become the standard for connecting AI agents to production systems such as databases, Kubernetes clusters, SaaS tools, and cloud infrastructure. Yet the findings show that traditional scanners miss MCP specific risks, leaving enterprises exposed to significant attack surfaces.

---

### Real World Risks Already Emerging

The research highlights critical exposures already seen in practice:

- A widely used **Kubernetes MCP server** contained **26 vulnerabilities**, including six critical command injection flaws (CVSS 9.8), leaving entire clusters open to takeover.
- A malicious **Postmark MCP server** was discovered exfiltrating every email it processed while appearing fully legitimate to users.

In coverage of this issue, **VentureBeat** recently warned of the risks of insecure MCP defaults.

“MCP is shipping with the same mistake we have seen in every major protocol rollout: insecure defaults,” said Merritt Baer, Chief Security Officer at Enkrypt AI, in an interview with VentureBeat. “If we do not build authentication and least privilege in from day one, we will be cleaning up breaches for the next decade.”

### MCP Scanner: Purpose Built Protection

Enkrypt AI’s **MCP Scanner** provides a four layer assessment across:

- **Configuration** — Authentication, sandboxing, timeouts
- **Code security** — Command injection, path traversal, denial of service vectors
- **Tool level checks** — Hidden malicious tools, permission escalation
- **Network posture** — TLS validation, SSRF, open ports

Reports are delivered in minutes, including **CVSS severity scores, line level references, and remediation guidance**. MCP Scanner integrates with **CI/CD pipelines, registries, and runtime gateways**, enabling enterprises to block vulnerabilities before deployment.

Since the private beta, MCP Scanner has scanned more than **1,000 servers**, remediated **1,000 vulnerabilities**, and onboarded **500 organizations**, achieving **zero false positives** in critical findings.

---

### Availability

MCP Scanner is available immediately, with **free assessments** for individual servers. Organizations can submit a GitHub repo, package, or endpoint at .

---

### About Enkrypt AI

Enkrypt AI is a purpose built AI security and compliance platform that helps enterprises safely deploy agents by detecting, removing, and monitoring risks such as data leakage, jailbreaks, hallucinations, and compliance gaps. Its unified platform combines red teaming, guardrails, and compliance automation to deliver end-to-end protection across the AI lifecycle. Trusted by Fortune 500 companies in finance, healthcare, and insurance, Enkrypt AI was founded in 2022 by Yale PhD experts and is backed by Boldcap, Berkeley SkyDeck, ARKA, and Kubera.

For any questions, please reach out:

📧 ... or connect on **LinkedIn/Twitter**.

MENAFN09102025003118003196ID1110174596