VYPR

npm package

mcp-fetch-server

pkg:npm/mcp-fetch-server

Vulnerabilities (1)

  • CVE-2025-65513Dec 9, 2025
    affected <= 1.0.2

    fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources.