CVE-2025-65513 | THREATINT

Description

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources.

PUBLISHED Reserved 2025-11-18 | Published 2025-12-09 | Updated 2025-12-11 | Assigner mitre

References

github.com/...rver-Vuln-Analysis/blob/main/CVE-2025-65513.md exploit

thorn-pheasant-6d8.notion.site/...f7b44180029ca5d56e03195736

github.com/...rver-Vuln-Analysis/blob/main/CVE-2025-65513.md

cve.org (CVE-2025-65513)

nvd.nist.gov (CVE-2025-65513)

Download JSON