MCPwn Is Live. We Scanned the Supply Chains of 14 MCP Servers. Here's What We Found.

DEV Community·Pico·27 days ago

April 18, 2026

MCPwn dropped this week. CVE-2026-33032 — CVSS 9.8, actively exploited, 2,600+ instances exposed. Two HTTP requests. No authentication. Full nginx server takeover.

Then MCPwnfluence: CVE-2026-27825 and CVE-2026-27826. The most widely used Atlassian MCP server — SSRF chained with arbitrary file write for unauthenticated RCE. Two requests, root on your machine.

Both disclosed by Pluto Security. Both named. Both actively exploited before patches shipped. These are the first named MCP exploit campaigns. They won't be the last.

While the security community focuses on the exploits themselves, we asked a different question: what do the supply chains of MCP servers actually look like? If you're installing MCP servers to connect your AI assistant to GitHub, Slack, databases, and file systems — what are you actually trusting?…
