Server-side Request Forgery (SSRF) Affecting mcp-searxng package, versions <1.7.1


Severity

Recommended
0.0
medium
0
10

CVSS assessment by Snyk's Security Team. Learn more

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Server-side Request Forgery (SSRF) vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-JS-MCPSEARXNG-17817916
  • published5 Jul 2026
  • disclosed19 Jun 2026
  • creditUnknown

Introduced: 19 Jun 2026

NewCVE-2026-58485  (opens in a new tab)
CWE-918  (opens in a new tab)

How to fix?

Upgrade mcp-searxng to version 1.7.1 or higher.

Overview

mcp-searxng is a MCP server for SearXNG integration

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the web_url_read process due to insufficient validation in the assertUrlAllowed function. An attacker can access internal network resources and exfiltrate sensitive data by supplying a crafted URL that resolves to a private or loopback IP address via DNS, bypassing hostname string checks. This is only exploitable if the server is running in default HTTP mode with authentication disabled or if an AI agent connected to the server can be influenced to call web_url_read with attacker-controlled input.

CVSS Base Scores

version 4.0
version 3.1