16 matches found

Veracode
added 2025/09/30 4:02 p.m. | 4 views

Command Injection

mcp-markdownify-server is vulnerable to Command Injection. The vulnerability is due to unsanitized user input being passed into child_process.exec, which allows an attacker to inject arbitrary shell commands and achieve remote code execution under the server process's privileges...

CVSS 7.5 | AI score 8.6 | EPSS 0.00159
Exploits 0 | References 2 | Affected Software 1

Github Security Blog
added 2025/09/02 5:40 p.m. | 6 views

mcp-markdownify-server vulnerable to command injection in pptx-to-markdown tool

Summary: A command injection vulnerability exists in the mcp-markdownify-server MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remot...

CVSS 7.5 | AI score 9.4 | EPSS 0.00159
Exploits 0 | References 4 | Affected Software 1

Veracode
added 2025/06/02 12:03 p.m. | 5 views

Unauthorized File Disclosure

mcp-markdownify-server is vulnerable to Unauthorized File Disclosure. The vulnerability stems from improper access control in the get-markdown-file tool, which allows external prompts to read arbitrary files from the host system...

CVSS 8.2 | AI score 6.7 | EPSS 0.00236
Exploits 0 | References 5 | Affected Software 1

RedhatCVE
added 2025/05/31 5:46 a.m. | 11 views

CVE-2025-5273

All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server...

CVSS 8.2 | AI score 6.8 | EPSS 0.00236
Exploits 0 | References 1

RedhatCVE
added 2025/05/31 5:46 a.m. | 6 views

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVSS 8.2 | AI score 6.7 | EPSS 0.00209
Exploits 0 | References 1

NVD
added 2025/05/29 5:15 a.m. | 13 views

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVSS 8.2 | EPSS 0.00209
Exploits 0 | References 3

NVD
added 2025/05/29 5:15 a.m. | 12 views

CVE-2025-5273

All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server...

CVSS 8.2 | EPSS 0.00236
Exploits 0 | References 3

OSV
added 2025/05/29 5:15 a.m. | 1 view

CVE-2025-5273

All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server...

CVSS 8.2 | AI score 7
Exploits 0 | References 3

OSV
added 2025/05/29 5:15 a.m. | 2 views

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVSS 8.2 | AI score 6.9
Exploits 0 | References 3

Vulnrichment
added 2025/05/29 5:00 a.m. | 6 views

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVSS 8.2 | AI score 6.9 | EPSS 0.00209
Exploits 0 | References 3

Cvelist
added 2025/05/29 5:00 a.m. | 14 views

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVSS 8.2 | EPSS 0.00209
Exploits 0 | References 3

CVE
added 2025/05/29 5:00 a.m. | 54 views

CVE-2025-5276

CVE-2025-5276 affects mcp-markdownify-server. All versions are vulnerable to SSRF via Markdownify.get(), where improper validation in is_ip_private() and fetch() that follows redirects allows an attacker to access internal resources by crafting prompts that trigger webpage-to-markdown, bing-searc...

CVSS 8.2 | AI score 6.9 | EPSS 0.00209
Exploits 0 | References 3

CVE
added 2025/05/29 5:00 a.m. | 64 views

CVE-2025-5273

CVE-2025-5273 affects all versions of the package mcp-markdownify-server. The vulnerability arises from the get-markdown-file tool, where a crafted prompt accessed by the MCP host can cause the server to read arbitrary files on the host running it. This allows unauthorized disclosure of host fil...

CVSS 8.2 | AI score 7.1 | EPSS 0.00236
Exploits 0 | References 3

Vulnrichment
added 2025/05/29 5:00 a.m. | 5 views

CVE-2025-5273

All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server...

CVSS 8.2 | AI score 7.1 | EPSS 0.00236
Exploits 0 | References 3

Positive Technologies
added 2025/05/29 12:00 a.m. | 1 view

PT-2025-23141

Name of the Vulnerable Software and Affected Versions: mcp-markdownify-server versions all

Description: The issue allows an attacker to craft a prompt that, once accessed by the MCP host, will enable it to read arbitrary files from the host running the server via the get-markdown-file tool...

CVSS 8.2 | AI score 6.1 | EPSS 0.00236
Exploits 0 | References 15

Positive Technologies
added 2025/05/29 12:00 a.m. | 3 views

PT-2025-23142

Name of the Vulnerable Software and Affected Versions: mcp-markdownify-server versions all

Description: The issue concerns Server-Side Request Forgery (SSRF) via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown,...

CVSS 8.2 | AI score 6.1 | EPSS 0.00209
Exploits 0 | References 16