mcp-markdownify-server@1.0.0 vulnerabilities

MCP Markdownify Server - Model Context Protocol Server for Converting Almost Anything to Markdown

Direct Vulnerabilities

Known vulnerabilities in the mcp-markdownify-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Server-side Request Forgery (SSRF) [High severity]

mcp-markdownify-server is a Model Context Protocol (MCP) server that converts various file types and web content to Markdown format. It provides a set of tools to transform PDFs, images, audio files, web pages, and more into easily readable and shareable Markdown text.

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) for two reasons: the is_ip_private() function validates the destination improperly, and the fetch() function automatically follows HTTP redirects without re-validating the redirected destination URL. An attacker can reach internal network services by combining a hostname-based bypass of the check with an HTTP redirect chain.

Note: This is a bypass for the SSRF described by CVE-2025-5276.

How to fix Server-side Request Forgery (SSRF)?

There is no fixed version for mcp-markdownify-server.
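Since no fixed version exists, the mitigation has to live in the caller. The following Node.js code is an added example (not the project's own code) that closes both gaps the advisory names: the hostname is resolved and every returned address is checked against a private-range blocklist, and fetch() is called with `redirect: "manual"` so each hop of a redirect chain is re-validated. The function names, the blocklist and the `lookup`/`fetchImpl` injection points are this example's assumptions.

```javascript
// Added example, not the project's own code: validate the resolved address of every hop
// instead of trusting the hostname string, and never let fetch() follow redirects itself.
const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;

// True for loopback, RFC 1918, link-local, "this network" and their IPv6 equivalents
// (the blocklist is an assumption of this example, not a complete policy).
function isPrivateIp(ip) {
  const mapped = ip.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/i); // IPv4-mapped IPv6
  if (mapped) return isPrivateIp(mapped[1]);
  if (ip.includes(":")) {
    const low = ip.toLowerCase();
    return low === "::1" || low === "::" || /^f[cd]/.test(low) || /^fe[89ab]/.test(low);
  }
  const m = ip.match(IPV4);
  if (!m) return true; // not an IP literal at all: refuse
  const [a, b, c, d] = m.slice(1).map(Number);
  if ([a, b, c, d].some((n) => n > 255)) return true;
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

// Parse, restrict the scheme, resolve the host and check *every* returned address.
// `lookup(host)` must return a list of address strings; the default uses node:dns.
async function assertPublicUrl(url, lookup) {
  const u = new URL(url); // WHATWG parsing also normalises spellings such as 0x7f000001
  if (u.protocol !== "http:" && u.protocol !== "https:") throw new Error(`blocked scheme ${u.protocol}`);
  const host = u.hostname.replace(/^\[|\]$/g, "");
  const addrs = IPV4.test(host) || host.includes(":") ? [host] : await lookup(host);
  if (addrs.length === 0 || addrs.some(isPrivateIp)) throw new Error(`blocked host ${host}`);
  return u;
}

async function defaultLookup(host) {
  const dns = await import("node:dns");
  return (await dns.promises.lookup(host, { all: true })).map((r) => r.address);
}

// Follow redirects by hand so each Location target goes through assertPublicUrl().
async function safeFetch(url, { fetchImpl = fetch, lookup = defaultLookup, maxRedirects = 5 } = {}) {
  let current = url;
  for (let hop = 0; hop <= maxRedirects; hop++) {
    const u = await assertPublicUrl(current, lookup);
    const res = await fetchImpl(u.href, { redirect: "manual" });
    if (![301, 302, 303, 307, 308].includes(res.status)) return res;
    const loc = res.headers.get("location");
    if (!loc) throw new Error("redirect without Location header");
    current = new URL(loc, u).href; // resolve relative Location before re-checking
  }
  throw new Error("too many redirects");
}
```

Note that a DNS answer can differ between the check and the connect (DNS rebinding); pinning the connection to the checked address is the stronger follow-up, but it is beyond what this example covers.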

Arbitrary Command Injection [High severity]

Affected versions of this package are vulnerable to Arbitrary Command Injection because they use the child_process.exec function, which runs its argument through a shell. An attacker can execute arbitrary system commands by supplying specially crafted input parameters that are incorporated directly into the shell command string.

How to fix Arbitrary Command Injection?

A fix was pushed into the master branch but not yet published.
