CVE-2025-5276

HIGH Year: 2025
CVSS v3 Score
7.4
High
Weakness Type
CWE-918
View all →

Vulnerability Description

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information.

Related Vulnerabilities

CVE-2016-7999

HIGH
CVSS:7.4(High)

ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.

CWE-9182016

CVE-2016-9417

HIGH
CVSS:7.4(High)

The fetch_remote_file function in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecifi...

CWE-9182016

CVE-2017-5518

HIGH
CVSS:7.4(High)

The media-file upload feature in GeniXCMS through 0.0.8 allows remote attackers to conduct SSRF attacks via a URL, as demonstrated by a URL with an intranet IP address.

CWE-9182017

CVE-2017-5617

HIGH
CVSS:7.4(High)

The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file...

CWE-9182017

CVE-2017-5643

HIGH
CVSS:7.4(High)

Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.

CWE-9182017

CVE-2017-6130

HIGH
CVSS:7.4(High)

F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT ...

CWE-9182017