From 1689da8f1a9ab6b436f517a55ea03b0943bc901d Mon Sep 17 00:00:00 2001 From: Matyas Heins <32817933+matheins@users.noreply.github.com> Date: Tue, 23 Sep 2025 13:34:47 +0200 Subject: [PATCH 1/2] docs: add Steuerboard MCP server to community servers (#2749) Co-authored-by: Ola Hungerford --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 1080831513..3b27125805 100644 --- a/README.md +++ b/README.md @@ -415,6 +415,7 @@ Official integrations are maintained by companies building production ready MCP - StackHawk Logo **[StackHawk](https://github.com/stackhawk/stackhawk-mcp)** - Use [StackHawk](https://www.stackhawk.com/) to test for and FIX security problems in your code or vibe coded app. - StarRocks Logo **[StarRocks](https://github.com/StarRocks/mcp-server-starrocks)** - Interact with [StarRocks](https://www.starrocks.io/) - Steadybit Logo **[Steadybit](https://github.com/steadybit/mcp)** - Interact with [Steadybit](https://www.steadybit.com/) +- Steuerboard Logo **[Steuerboard](https://github.com/steuerboard/steuerboard-mcp-typescript)** - Interact with the accounting data in your business using our official MCP server - Storybook Logo **[Storybook](https://github.com/storybookjs/addon-mcp)** - Interact with [Storybook](https://storybook.js.org/) to automate UI component testing and documentation - Stripe Logo **[Stripe](https://github.com/stripe/agent-toolkit)** - Interact with Stripe API - Sunra AI Logo **[Sunra AI](https://github.com/sunra-ai/sunra-clients/tree/main/mcp-server)** - Search for and run AI models on [Sunra.ai](https://sunra.ai). Discover models, create video, image, and 3D model content, track their status, and manage the generated media. From 402f0ed43ea8f5133258ebf3fa5495f1d96ea91a Mon Sep 17 00:00:00 2001 From: Misha Kolesnik Date: Tue, 23 Sep 2025 12:35:17 +0100 Subject: [PATCH 2/2] fix: resolve brace-expansion ReDoS vulnerability (CVE-2025-5889) (#2752) Updates brace-expansion from 2.0.1 to 2.0.2 to fix a Regular Expression Denial of Service vulnerability. Fixes #2700 --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7a6e772c59..0f706418a5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2607,9 +2607,9 @@ } }, "node_modules/filelist/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "dev": true, "license": "MIT", "dependencies": { @@ -6252,9 +6252,9 @@ } }, "src/filesystem/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0"