npm package
mcp-fetch-server
pkg:npm/mcp-fetch-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-65513 | — | <= 1.0.2 | — | Dec 9, 2025 | fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources. |
- CVE-2025-65513Dec 9, 2025affected <= 1.0.2
fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources.