CVE-2026-7094
Received Received - Intake
Server-Side Request Forgery in GlutamateMCPServers Puppeteer Component

Publication date: 2026-04-27

Last updated on: 2026-05-01

Assigner: VulDB

Description
A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/index.ts of the component puppeteer_navigate. Executing a manipulation of the argument url can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-27
Last Modified
2026-05-01
Generated
2026-06-16
AI Q&A
2026-04-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-7094
EUVD
EUVD-2026-25783
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
shadowclonelabs glutamate_mcp_servers to 2025-06-26 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-7094 is a Server-Side Request Forgery (SSRF) vulnerability found in the puppeteer_navigate component of ShadowCloneLabs GlutamateMCPServers. The issue occurs because the application accepts a user-supplied URL argument and directly passes it to the Puppeteer page.goto method without any validation or allowlisting.

This means an attacker with network access to the MCP/HTTP interface can force the server's headless browser to navigate to arbitrary URLs, including internal services or restricted resources, potentially exposing sensitive information or enabling further attacks.

The root cause is the lack of sanitization of the user-controlled URL in the source code file src/puppeteer/index.ts, specifically where await page.goto(args.url) is called.

Impact Analysis

This vulnerability can have critical impacts on confidentiality, integrity, and availability of the affected system.

  • Confidentiality: An attacker can access sensitive host or system data by forcing the server to make requests to internal or restricted resources.
  • Integrity: The attacker may alter the server state by exploiting the SSRF to interact with internal services.
  • Availability: The vulnerability could be used to disrupt services, causing denial of service or other availability issues.

The CVSS v3.1 base score is suggested as 10.0 (Critical), indicating a high severity impact if exploited.

Detection Guidance

This vulnerability can be detected by monitoring and analyzing requests to the MCP/HTTP interface, specifically those invoking the puppeteer_navigate method with user-supplied URL arguments. Detection involves identifying JSON-RPC requests that include URL parameters potentially pointing to internal or unauthorized addresses.

A proof-of-concept involves sending a JSON-RPC request to the vulnerable endpoint with a URL parameter such as "http://127.0.0.1:8000" to observe if the server navigates to internal or restricted resources.

Suggested commands for detection include using network monitoring tools like tcpdump or Wireshark to capture HTTP traffic to the MCP interface and grep or jq to filter JSON-RPC requests containing the puppeteer_navigate method and URL parameters.

  • Use tcpdump to capture traffic on the MCP HTTP port: tcpdump -i <interface> port <MCP_HTTP_port> -w capture.pcap
  • Analyze captured traffic with Wireshark or tshark to filter JSON-RPC requests: tshark -r capture.pcap -Y 'http.request and frame contains "puppeteer_navigate"'
  • Extract and inspect JSON payloads for suspicious URL parameters using jq: jq '.params.url' < captured_requests.json

Additionally, reviewing server logs for requests to the puppeteer_navigate handler with unusual or internal IP addresses in the URL parameter can help detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include enforcing strict URL allowlists for outbound requests made by the puppeteer_navigate component. This means only allowing navigation to approved schemes, hosts, ports, and paths.

Block requests to loopback addresses (e.g., 127.0.0.1), link-local addresses, RFC1918 private IP ranges, and cloud metadata endpoints after DNS resolution and redirect handling to prevent SSRF exploitation.

Implement authentication and authorization controls on the MCP/HTTP handlers, especially those exposing the puppeteer_navigate functionality, to restrict access to trusted users only.

Add logging and rate limiting on sensitive endpoints to detect and prevent abuse.

From a development perspective, remove the direct flow of user-controlled URL data to the Puppeteer page.goto sink by implementing input schema validation at MCP/HTTP boundaries and adding regression tests to prevent such vulnerabilities.

Monitor the official repository and security advisories for patches and updates that fix this vulnerability and apply them as soon as they become available.

Compliance Impact

The vulnerability CVE-2026-7094 is a Server-Side Request Forgery (SSRF) that can lead to unauthorized information disclosure, alteration of server state, and service disruption. Such impacts on confidentiality, integrity, and availability can potentially cause non-compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

Specifically, the SSRF vulnerability allows attackers to access internal services and sensitive data, which may include personal or protected health information. This exposure risks violating data protection requirements under GDPR and HIPAA.

Mitigations such as strict URL allowlisting, blocking access to internal IP ranges, and adding authentication and logging are recommended to reduce the risk and help maintain compliance.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-7094. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart