Tenable Research has identified a critical remote code execution vulnerability (CVE-2025-49596) in Anthropic's widely adopted MCP Inspector, an open-source tool crucial for AI development. With a CVSS score of 9.4, this flaw leverages default, insecure configurations, leaving organisations exposed by design. MCP Inspector is a popular tool with over 38,000 weekly downloads.