CVE-2025-66454 is a cryptographic key management vulnerability classified under CWE-321 (Use of Hard-coded Cryptographic Key) and CWE-798 (Use of Hard-coded Credentials) affecting the arcade-mcp HTTP server component of ArcadeAI prior to version 1.5.4. The server employs a hardcoded default worker secret with the value "dev" that is never validated or replaced during normal startup. This secret is used to sign JSON Web Tokens (JWTs) for authentication purposes within the FastAPI framework. Because the secret is hardcoded and publicly known, any unauthenticated attacker can forge valid JWTs, effectively bypassing the authentication mechanism. This grants full remote access to all worker endpoints, including sensitive operations such as tool enumeration and invocation, without requiring any credentials or user interaction. The vulnerability does not impact availability but compromises confidentiality and integrity by allowing unauthorized access and potential manipulation of server functions. The flaw arises from insecure cryptographic key management and lack of proper secret rotation or validation. The issue was publicly disclosed on December 2, 2025, and fixed in arcade-mcp version 1.5.4. No known exploits are currently reported in the wild, but the ease of exploitation and the critical nature of the access gained make this a significant risk.

For European organizations using arcade-mcp versions prior to 1.5.4, this vulnerability poses a serious risk to the confidentiality and integrity of their systems. Attackers can remotely bypass authentication controls without any credentials, gaining unauthorized access to internal APIs and tools. This could lead to unauthorized data disclosure, manipulation of internal processes, and potential lateral movement within the network. Organizations relying on arcade-mcp for critical operations or sensitive data processing may face compliance violations under GDPR due to unauthorized data access. The lack of availability impact reduces the risk of service disruption but does not diminish the threat of data compromise. Given the remote, unauthenticated nature of the exploit, attackers can operate stealthily, increasing the risk of prolonged undetected breaches. The vulnerability's medium CVSS score reflects the balance between ease of exploitation and the scope of impact, but the actual risk may be higher in environments where arcade-mcp is exposed to untrusted networks or integrated with sensitive workflows.

The primary mitigation is to upgrade arcade-mcp to version 1.5.4 or later, where the hardcoded default worker secret issue is resolved. Until upgrade is possible, organizations should implement network-level access controls to restrict access to the arcade-mcp HTTP server to trusted internal hosts only. Employing firewall rules, VPNs, or zero-trust network segmentation can reduce exposure. Additionally, monitoring and logging all access to the arcade-mcp endpoints can help detect suspicious activity indicative of JWT forgery attempts. If feasible, organizations should audit their deployment configurations to ensure no legacy or fallback secrets are in use. Implementing runtime application self-protection (RASP) or Web Application Firewalls (WAFs) with custom rules to detect anomalous JWT tokens may provide temporary defense. Finally, educating development and operations teams about secure cryptographic key management practices will help prevent similar issues in future deployments.