Back to CVE List

CVE-2026-42449

HIGH SEVERITY

CVSS Score & Metrics

Base Score
8.5 / 10

Vulnerability Description

n8n-mcp's IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders

Vulnerability Details

Published Date
Last Modified
Source
GitHub
Vendor
npm
Product
n8n-mcp

External References

Discussion (0)

Add Comment

No comments yet. Be the first!