CVE-2025-65513

Publication date

2025-12-09 00:00:00

Family

mitre

State

PUBLISHED

Description

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources.