Blog Home

Beyond Models: JFrog AI Catalog Evolves to Detect Shadow AI and Govern MCPs
November 13, 2025

When we first introduced the JFrog AI Catalog, it was our mission to provide the industry with a single system of record for governing the complex landscape of internal, open-source, and external commercial AI models. This foundational step was critical for enterprises to move from uncontrolled innovation to delivering AI with trust and confidence. However, …

Read More
JFrog Prompt Hijacking - Blog_Thumbnail

CVE-2025-6515 Prompt Hijacking Attack – How Session Hijacking Affects MCP Ecosystems
October 21, 2025

JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking“. Your browser does not …

Read More

Popular Tags