Description

A data exfiltration vulnerability exists in Anthropic’s deprecated Slack Model Context Protocol (MCP) Server via automatic link unfurling. When an AI agent using the Slack MCP Server processes untrusted data, it can be manipulated to generate messages containing attacker-crafted hyperlinks embedding sensitive data. Slack’s link preview bots (e.g., Slack-LinkExpanding, Slackbot, Slack-ImgProxy) will then issue outbound requests to the attacker-controlled URL, resulting in zero-click exfiltration of private data.

INFO

Published Date :

2025-07-02T13:46:31.554Z

Last Modified :

2025-07-02T20:29:17.261Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2025-34072 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-34072.

URL Resource
https://embracethered.com/blog/posts/2025/security-advisory-anthropic-slack-mcp-server-data-leakage/ cve-icon cve-icon
https://vulncheck.com/advisories/anthropic-slack-mcp-server-data-exfiltration cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability