CVE-2026-15189
Deferred Deferred - Pending Action

Server-Side Request Forgery in aerostackdev aerostack-mcp

Vulnerability report for CVE-2026-15189, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: VulDB

Description

A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-09
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
aerostackdev aerostack-mcp to 6315dfde7df0a15aaf743f88d91347115e09ba23 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Server-Side Request Forgery (SSRF) found in the upload_media function of the mcp-whatsapp component in the aerostack-mcp project.

It occurs because the media_url parameter, which is controlled by the user, is fetched by the server without proper validation or restrictions on the destination URL.

As a result, an attacker can manipulate this parameter to make the server send outbound requests to arbitrary targets, including internal or external systems, potentially bypassing network protections.

Compliance Impact

The Server-Side Request Forgery (SSRF) vulnerability in the upload_media function of the mcp-whatsapp component allows attackers to make the server initiate unauthorized outbound requests. This can lead to unauthorized access to internal services and potential data exfiltration.

Such unauthorized access and potential data leakage could impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls over personal and sensitive data to prevent unauthorized disclosure or access.

However, the provided information does not explicitly detail the vulnerability's direct impact on compliance with these standards or any mitigation measures.

Impact Analysis

This vulnerability can allow an attacker to make the server initiate unauthorized requests to internal or external systems.

  • Unauthorized access to internal services that are normally protected from external access.
  • Potential data exfiltration by forcing the server to interact with attacker-controlled endpoints.
  • Further exploitation within the server's network by leveraging the SSRF to reach otherwise inaccessible resources.
Detection Guidance

This vulnerability can be detected by monitoring for unusual outbound requests initiated by the server, especially those triggered by the upload_media function in the mcp-whatsapp component. Since the vulnerability involves server-side request forgery (SSRF) through the media_url parameter, detection involves identifying unexpected or unauthorized fetch calls to external or internal network addresses.

You can look for suspicious network traffic or logs showing outbound HTTP requests to unusual or internal IP addresses or domains that are not normally accessed by the server.

Suggested commands to help detect this vulnerability include:

  • Use network monitoring tools like tcpdump or Wireshark to capture outbound traffic from the server and filter for HTTP requests:
  • tcpdump -i <interface> 'tcp port 80 or tcp port 443'
  • Check server logs for calls to the upload_media function or any logs that record the media_url parameter usage.
  • Use application-level logging or debugging to trace calls to fetch() within the upload_media function.
  • If possible, run a security scanner or custom script to test the upload_media endpoint by submitting controlled media_url values that point to internal or restricted IP addresses and observe if the server makes the requests.
Mitigation Strategies

Immediate mitigation steps include restricting and validating the media_url parameter in the upload_media function to prevent SSRF attacks.

Specifically, you should:

  • Implement strict validation on the media_url input to allow only trusted schemes (e.g., HTTPS) and known safe domains or IP addresses.
  • Block requests to internal IP ranges, loopback addresses, metadata service IPs, and other sensitive network segments.
  • Add network-level controls such as firewall rules to prevent the server from making outbound requests to unauthorized destinations.
  • Monitor and log all outbound requests made by the upload_media function to detect and respond to suspicious activity.
  • If possible, temporarily disable or restrict access to the upload_media functionality until a proper fix or patch is available.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15189. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart