CVE-2026-14748
Status: Received - Intake

Server-Side Request Forgery in AIAnytime Awesome-MCP-Server

Vulnerability report for CVE-2026-14748, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-05

Last updated on: 2026-07-05

Assigner: VulDB

Description

A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcp_wiki/server.py of the component mcp-wiki/wiki-summary. Manipulation of the argument url causes server-side request forgery. The attack may be initiated remotely. The exploit has been published and may be used. This product uses a rolling release model to deliver continuous updates, so specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.

Meta Information

Published: 2026-07-05
Last Modified: 2026-07-05
Generated: 2026-07-05
AI Q&A: 2026-07-05
EPSS Evaluated: N/A
External records: NVD, EUVD

Affected Vendors & Products

One associated CPE:

Vendor: aianytime
Product: awesome_mcp_server
Version / Range: up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab (inclusive)

Exploitability

CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

KEV: not listed.

AI Quick Actions

Executive Summary

This vulnerability is a Server-Side Request Forgery (SSRF) found in the AIAnytime Awesome-MCP-Server, specifically in the mcp-wiki component's server.py file. It occurs because the application takes a URL argument and passes it directly to Python's requests.get() function with only a minimal check that the URL starts with "http". There is no further validation or restrictions on the destination, allowing an attacker to make the server send HTTP requests to arbitrary locations, including internal services or attacker-controlled servers.

An attacker can exploit this remotely by supplying a malicious URL parameter, causing the server to perform unintended requests on their behalf. This can be done through the MCP client interface, and proof of concept exploits have been demonstrated using tools like MCP Inspector.

Impact Analysis

The impact of this SSRF vulnerability is that an attacker can make the vulnerable server send HTTP requests to arbitrary destinations. This can lead to unauthorized access to internal services that are not normally exposed externally, potentially exposing sensitive data or internal network resources.

Additionally, attackers could use this to exfiltrate data from the server's network or interact with cloud metadata endpoints, which might allow them to gain further access or escalate privileges.

Detection Guidance

This Server-Side Request Forgery (SSRF) vulnerability can be detected by monitoring outbound HTTP requests originating from the vulnerable server to unexpected or attacker-controlled destinations.

A practical detection method involves using a request-capture endpoint such as webhook.site to observe if the server makes HTTP GET requests to URLs supplied as input.

For example, starting the vulnerable server and using the MCP Inspector tool to invoke the vulnerable function with a payload URL like https://webhook.site/your-unique-id?SSRF20260605 can confirm the SSRF if the request appears on the capture endpoint.

On the network or system, you can also use commands to monitor outbound HTTP requests or network connections from the server process, such as:

  • Using tcpdump or tshark to capture outbound HTTP traffic: tcpdump -i eth0 'tcp dst port 80 or 443'
  • Using netstat or ss to monitor established connections from the server process: netstat -plant | grep python or ss -plant | grep python
  • Using process monitoring tools like lsof to check open network connections: lsof -i -a -p <server_process_pid>

Mitigation Strategies

Immediate mitigation steps include restricting or validating the URL parameter to prevent arbitrary HTTP requests.

Since the vulnerability arises from insufficient validation of the URL parameter passed to requests.get(), implementing strict allowlisting of domains, IP ranges, and ports is recommended.

Additionally, applying network-level controls such as firewall rules to block outbound requests to untrusted or internal endpoints from the server can reduce risk.

If possible, update the software to a patched version once available or disable the vulnerable functionality temporarily.
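As an added illustration (not the project's code), the following validator for the url argument replaces a bare "starts with http" test with the scheme, host, port and address allowlisting recommended above. The host allowlist, the injectable resolver and the safe_get wrapper are assumptions constructed for this example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed allowlist for illustration: the real service would list only the
# wiki hosts its summary feature needs. Scheme, host, port and resolved address
# are all checked, because a "starts with http" test constrains none of them.
ALLOWED_HOSTS = {"en.wikipedia.org"}
ALLOWED_PORTS = {80, 443}

def weak_check(url):
    """The kind of prefix test the advisory describes; it accepts any destination."""
    return url.startswith("http")

def resolve_all(host):
    """Every address the host resolves to (A and AAAA); each one must pass."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def is_safe_url(url, resolver=resolve_all):
    """Allowlist validation for the user-supplied url argument."""
    try:
        parts = urlparse(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username or parts.password:  # rejects "allowed-host@internal-host" forms
        return False
    host = parts.hostname
    if not host or host not in ALLOWED_HOSTS:
        return False
    if (port or (443 if parts.scheme == "https" else 80)) not in ALLOWED_PORTS:
        return False
    try:
        addrs = resolver(host)
        # is_global rejects loopback, RFC 1918, link-local (169.254.0.0/16 metadata) and similar.
        return bool(addrs) and all(ipaddress.ip_address(a).is_global for a in addrs)
    except (OSError, ValueError):
        return False

def safe_get(url, getter=None, resolver=resolve_all):
    """Validate, then fetch without following redirects (a redirect could re-target the request)."""
    if not is_safe_url(url, resolver):
        raise ValueError("destination not allowed: %r" % url)
    if getter is None:
        import requests  # lazy import so the validator itself needs no third-party package
        getter = lambda u: requests.get(u, timeout=5, allow_redirects=False)
    return getter(url)
```

The resolve-then-fetch check still leaves a DNS rebinding window, since requests resolves the name again, so pair it with the egress firewall rules described above rather than relying on it alone.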
