Home

Description

OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows attackers to access private and localhost HTTP services by manipulating tool parameters without proper validation of target addresses. Attackers can influence an agent session to invoke these tools against loopback, RFC1918, link-local, or other non-public addresses to read response bodies from local development services, cloud metadata endpoints, admin panels, or other private HTTP services reachable from the victim host.

PUBLISHED Reserved 2026-04-13 | Published 2026-04-17 | Updated 2026-04-17 | Assigner VulnCheck




HIGH: 7.8CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:L/SA:L

HIGH: 8.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Problem types

CWE-918 Server-Side Request Forgery (SSRF)

Product status

Default status
unaffected

Any version before bd4df81f634f8c7cddcc3fdf7f561a13dcbf03ae
affected

Credits

Chia Min Jun Lennon finder

References

github.com/HKUDS/OpenHarness/pull/92 exploit

github.com/HKUDS/OpenHarness/pull/92 issue-tracking

github.com/...ommit/bd4df81f634f8c7cddcc3fdf7f561a13dcbf03ae patch

www.vulncheck.com/...rness-ssrf-via-web-fetch-and-web-search third-party-advisory

cve.org (CVE-2026-40516)

nvd.nist.gov (CVE-2026-40516)

Download JSON