A critical flaw in a Telegram-facing MCP server shows how a bearer token can become dangerous when authentication logic is entangled with filesystem-based session handling.
A critical flaw in a Telegram MCP gateway shows how a single filesystem mistake can turn bearer-token authentication into an unexpected route into a live account session.