Vulnerabilities

CVE-2026-25904 - Overly permissive Deno configuration in mcp-run-python leads to SSRF

2026-02-09 0 views admin
CVE-2026-25904 - Overly permissive Deno configuration in mcp-run-python leads to SSRF

CVE ID : CVE-2026-25904 Published : Feb. 9, 2026, 9:16 a.m. | 55 minutes ago Description : The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the

CVE Details

Published
Feb. 9, 2026
Affected Product: Python
Impact: SSRF

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-25904python

More from Vulnerabilities

CVE-2026-22922 - Apache Airflow: Airflow externalLogUrl Permission Bypass

CVE-2026-22922 - Apache Airflow: Airflow externalLogUrl Permission Bypass

2026-02-09 0
CVE-2026-25846 - JetBrains YouTrack Mailbox Token Exposure Vulnerability

CVE-2026-25846 - JetBrains YouTrack Mailbox Token Exposure Vulnerability

2026-02-09 0
CVE-2026-24098 - Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors

CVE-2026-24098 - Apache Airflow: Assigning single DAG permission leaked all DAGs Import Errors

2026-02-09 0
CVE-2026-25848 - JetBrains Hub Authentication Bypass Vulnerability

CVE-2026-25848 - JetBrains Hub Authentication Bypass Vulnerability

2026-02-09 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views