CVE-2026-44430
CVE-2026-44430 affects the MCP Registry: unauthenticated SSRF via the HTTP namespace verification that dials attacker-controlled domains. The root cause is an allowlist that only covers classic IPv4-derived categories and a manual CGNAT range, while omitting IPv6 prefixes that embed IPv4—specific...