VYPR

PyPI package

mcp-url-downloader

pkg:pypi/mcp-url-downloader

Vulnerabilities (1)

  • CVE-2026-7158HigApr 27, 2026
    affected <= 0.1.0

    A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downloader/server.py. Such manipulation of the argument url leads to server-side reque