From 56a827e7323644a7e5c19898d1c4f42121ffcc97 Mon Sep 17 00:00:00 2001
From: "pensarapp[bot]" <182705637+pensarapp[bot]@users.noreply.github.com>
Date: Thu, 22 May 2025 07:57:56 +0000
Subject: [PATCH] Fix security issue: Exposed Remote Debug Interface with
 Arbitrary Code Execution Risk (CWE-489)

---
 cognee-mcp/entrypoint.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cognee-mcp/entrypoint.sh b/cognee-mcp/entrypoint.sh
index 2c14518fc..4b32807f6 100644
--- a/cognee-mcp/entrypoint.sh
+++ b/cognee-mcp/entrypoint.sh
@@ -32,10 +32,10 @@ sleep 2
 if [ "$ENVIRONMENT" = "dev" ] || [ "$ENVIRONMENT" = "local" ]; then
     if [ "$DEBUG" = "true" ]; then
         echo "Waiting for the debugger to attach..."
-        exec python -m debugpy --wait-for-client --listen 0.0.0.0:5678 -m cognee
+        exec python -m debugpy --wait-for-client --listen 127.0.0.1:5678 -m cognee
     else
         exec cognee
     fi
 else
     exec cognee
-fi
+fi
\ No newline at end of file