CVE-2026-7729

CVE-2026-7729 affects pixelsock directus-mcp 1.0.0, specifically the MCP Interface’s index.ts validateUrl function. Manipulating the fileUrl argument can lead to server-side request forgery (SSRF). The vulnerability is exploitable remotely and, per the CVE metrics, has PROOF-OF-CONCEPT exploit ma...

CVE-2026-7729

A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The...

CVE-2026-7729 pixelsock directus-mcp MCP index.ts validateUrl server-side request forgery

A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The...

PT-2026-36758

Name of the Vulnerable Software and Affected Versions pixelsock directus-mcp version 1.0.0 Description A flaw in the MCP Interface component allows for server-side request forgery SSRF, a condition where an attacker can induce the server to make requests to an unintended location. This occurs...

Directus MCP Server 代码问题漏洞

The Directus MCP Server is a model context protocol server developed by pixelsock’s individual developers, which connects AI with content management systems. Version 1.0.0 of the Directus MCP Server contains code vulnerabilities. These vulnerabilities stem from the function validateUrl in the MCP...

EUVD-2019-3810

Malware in sbrugna...

CVE-2019-12161

WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.php does not consider octal encoding of IP addresses such as 0300.0250 as a replacement for 192.168...