Asana identified a bug in its Model Context Protocol (MCP) server that may have exposed data to MCP users in other Asana accounts.
Original source: UpGuard
SecVista Signal