Filtered by vendor Zcaceres
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-65512 | 1 Zcaceres | 1 Markdownify Mcp Server | 2026-01-02 | N/A | 7.5 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability was discovered in the webpage-to-markdown conversion feature of markdownify-mcp v0.0.2 and before. This vulnerability allows an attacker to bypass private IP restrictions through hostname-based bypass and HTTP redirect chains, enabling access to internal network services. | |||||
| CVE-2025-65513 | 1 Zcaceres | 1 Fetch Mcp Server | 2026-01-02 | N/A | 7.5 HIGH |
| fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources. | |||||