High severity · OSV Advisory · Published Jan 7, 2026 · Updated Apr 15, 2026
CVE-2025-9611
Description
Microsoft Playwright MCP Server versions prior to 0.0.40 fail to validate the Origin header on incoming connections. This allows an attacker to perform a DNS rebinding attack via a victim’s web browser and send unauthorized requests to a locally running MCP server, resulting in unintended invocation of MCP tool endpoints.
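One way a loopback-only HTTP server can implement the missing check, as an added example that is not Playwright MCP's own fix: it validates Origin and, going beyond the description, also Host, because a rebound request still names the attacker's domain there even when no Origin is sent. The function names, the loopback allowlist, the accept-when-absent Origin policy and port 8931 are assumptions.

```javascript
// Added example: not the Playwright MCP implementation.
// Assumed policy: only loopback names may appear in Host and Origin.
const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Parse a Host header ("name[:port]"); null if malformed or carrying extra parts.
function parseHostHeader(value) {
  if (typeof value !== "string" || value === "") return null;
  try {
    const u = new URL("http://" + value);
    if (u.username || u.password || u.pathname !== "/" || u.search || u.hash) return null;
    return { hostname: u.hostname, port: u.port || "80" };
  } catch {
    return null;
  }
}

// Decide whether a request to a loopback-only server on listenPort is acceptable.
function checkRequest(headers, listenPort) {
  // After rebinding, the browser still sends the attacker's name in Host.
  const host = parseHostHeader(headers.host);
  if (!host || !LOOPBACK_HOSTS.has(host.hostname) || host.port !== String(listenPort)) {
    return { allowed: false, reason: "bad-host" };
  }
  // Assumption: non-browser MCP clients send no Origin, so absence is accepted.
  if (headers.origin === undefined) return { allowed: true, reason: "no-origin" };
  let origin;
  try {
    origin = new URL(headers.origin);
  } catch {
    return { allowed: false, reason: "bad-origin" }; // includes the opaque "null" origin
  }
  if (!LOOPBACK_HOSTS.has(origin.hostname)) {
    return { allowed: false, reason: "origin-not-loopback" };
  }
  return { allowed: true, reason: "loopback-origin" };
}

// Constructed sample headers (port 8931 and all names are illustrative).
const SAMPLE_REQUESTS = [
  { host: "localhost:8931" },
  { host: "attacker.example:8931", origin: "http://attacker.example:8931" },
  { host: "127.0.0.1:8931", origin: "https://attacker.example" },
  { host: "127.0.0.1:8931", origin: "null" },
  { host: "[::1]:8931", origin: "http://localhost:3000" },
];
function runSamples(port) {
  return SAMPLE_REQUESTS.map((h) => checkRequest(h, port).reason);
}
console.log(runSamples(8931));
```

A server would call `checkRequest(req.headers, port)` before routing and answer 403 when `allowed` is false.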
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| @playwright/mcp (npm) | < 0.0.40 | 0.0.40 |
References
- github.com/advisories/GHSA-6fg3-hvw7-2fwq (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-9611 (ghsa, ADVISORY)
- github.com/JLLeitschuh/security-research/security/advisories/GHSA-8rgw-6xp9-2fg3 (nvd, WEB)
- github.com/microsoft/playwright-mcp/issues/1206 (ghsa, WEB)
- github.com/microsoft/playwright/commit/1313fbd (nvd, WEB)
- msrc.microsoft.com/report/vulnerability/VULN-164412 (ghsa, WEB)
- www.vulncheck.com/advisories/microsoft-playwright-mcp-server-dns-rebinding-via-missing-origin-header-validation (nvd, WEB)