2 matches found
CVE-2026-7729 pixelsock directus-mcp MCP index.ts validateUrl server-side request forgery
A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The...
CVE-2026-7729
CVE-2026-7729 affects pixelsock directus-mcp 1.0.0, specifically the MCP Interface’s index.ts validateUrl function. Manipulating the fileUrl argument can lead to server-side request forgery (SSRF). The vulnerability is exploitable remotely and, per the CVE metrics, has PROOF-OF-CONCEPT exploit ma...