Cyber Posture

CVE-2026-7146

High

Published: 27 April 2026
Modified: 29 April 2026
KEV Added: not listed
Patch: none available
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0005 (16.6th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-7146 is a high-severity SSRF (CWE-918) vulnerability. Its CVSS base score is 7.3 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 16.6th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under AI Agent Protocols and Integrations, in the Protocol-Specific Risks risk domain, on the basis of the "mcp" keyword in the project name.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) [AI]

SI-10 Information Input Validation (prevent)
Implements input validation on user-supplied parameters to the axios HTTP request handler in src/servers/web-scraper/server.js, directly preventing SSRF exploitation by rejecting malformed or unauthorized URLs.

SC-7 Boundary Protection (prevent)
Monitors and controls outbound communications at system boundaries to block the web-scraper server from forging requests to internal or unauthorized resources.

Information flow enforcement (prevent)
Enforces information flow control policies that restrict the HTTP request handler from initiating connections to unapproved destinations, mitigating SSRF impact.
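The three controls above, worked through as an added example (this is not code from the mcp-data-vis project, whose handler is not reproduced here): an application-level SSRF guard in Node.js that a URL-fetching handler such as the web-scraper could call before handing a target to axios. All function names, the `fetchImpl` stub, the `resolvedAddrs` argument and the constructed resolver answers in the demo are assumptions for illustration; only Node.js built-ins are used, so it runs offline. It goes a step beyond the page's text by covering the DNS-rebinding case, where a hostname passes the check and is then re-resolved to an internal address by the HTTP client.

```javascript
// Added example, not code from mcp-data-vis. Hypothetical names throughout;
// the real handler would pass the validated target to axios where this calls
// `fetchImpl`. Uses only Node.js built-ins (URL is global).

function parseIPv4(s) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o <= 255) ? octets : null;
}

// Addresses a scraper must never reach: loopback, RFC 1918, link-local
// (including the 169.254.169.254 metadata range), CGNAT, and the IPv6
// equivalents. Anything unparseable is treated as blocked (fail closed).
function isBlockedIp(ip) {
  const v4 = parseIPv4(ip);
  if (v4) {
    const [a, b] = v4;
    return a === 0 || a === 10 || a === 127 ||
      (a === 100 && b >= 64 && b <= 127) ||
      (a === 169 && b === 254) ||
      (a === 172 && b >= 16 && b <= 31) ||
      (a === 192 && b === 168);
  }
  if (ip.includes(":")) {
    const v = ip.toLowerCase();
    if (v === "::" || v === "::1") return true;                            // unspecified, loopback
    if (/^f[cd][0-9a-f]{2}:/.test(v) || v.startsWith("fe80:")) return true; // ULA, link-local
    if (v.startsWith("::ffff:")) {                                         // IPv4-mapped: re-check as IPv4
      const rest = v.slice(7);
      let dotted = parseIPv4(rest) ? rest : null;
      const hex = /^([0-9a-f]{1,4}):([0-9a-f]{1,4})$/.exec(rest);         // WHATWG form: ::ffff:a00:1
      if (hex) {
        const hi = parseInt(hex[1], 16), lo = parseInt(hex[2], 16);
        dotted = [hi >> 8, hi & 255, lo >> 8, lo & 255].join(".");
      }
      return dotted ? isBlockedIp(dotted) : true;
    }
    return false;
  }
  return true;
}

function isIpLiteral(host) {
  return parseIPv4(host) !== null || host.includes(":");
}

// Syntactic policy (the SI-10 layer): absolute http(s) URL, no embedded
// credentials, no loopback names. The WHATWG URL parser also normalises
// numeric tricks such as http://0x7f000001/ or http://2130706433/ to 127.0.0.1.
function parseTarget(raw) {
  let url;
  try { url = new URL(String(raw)); } catch { return { ok: false, reason: "unparseable URL" }; }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: "scheme not allowed: " + url.protocol };
  }
  if (url.username || url.password) return { ok: false, reason: "credentials in URL" };
  const host = url.hostname.replace(/^\[|\]$/g, "");
  if (host === "localhost" || host.endsWith(".localhost")) return { ok: false, reason: "loopback hostname" };
  return { ok: true, url, host };
}

// Destination policy (the SC-7 / flow-control layer, applied in the app):
// every address the name resolves to must be allowed, and the connection must
// then go to the checked address rather than being re-resolved by the client,
// otherwise a DNS-rebinding host passes the check and points at 10.x afterwards.
// `resolvedAddrs` is the answer of a single lookup done by the caller.
function guardTarget(raw, resolvedAddrs) {
  const parsed = parseTarget(raw);
  if (!parsed.ok) return parsed;
  const addrs = isIpLiteral(parsed.host) ? [parsed.host] : resolvedAddrs;
  if (!addrs || addrs.length === 0) return { ok: false, reason: "hostname did not resolve" };
  const bad = addrs.find(isBlockedIp);
  if (bad !== undefined) return { ok: false, reason: "resolves to blocked address " + bad };
  return { ok: true, href: parsed.url.href, pinnedAddress: addrs[0] };
}

// Wrapper that performs the single lookup (needs network; not used in the demo).
async function resolveAndGuard(raw) {
  const parsed = parseTarget(raw);
  if (!parsed.ok || isIpLiteral(parsed.host)) return guardTarget(raw, []);
  const dns = await import("node:dns/promises");
  const records = await dns.lookup(parsed.host, { all: true });
  return guardTarget(raw, records.map((r) => r.address));
}

// The CWE-918 pattern: the caller-supplied URL goes straight to the HTTP client.
function vulnerableScrape(userUrl, fetchImpl) {
  return fetchImpl(userUrl);                 // axios.get(userUrl) in a real handler
}

// Hardened form: refuse what the guard rejects and hand over the pinned address
// so the client connects to it (with Node's http agent: a custom `lookup`).
function hardenedScrape(userUrl, resolvedAddrs, fetchImpl) {
  const verdict = guardTarget(userUrl, resolvedAddrs);
  if (!verdict.ok) throw new Error("refused: " + verdict.reason);
  return fetchImpl(verdict.href, { pinnedAddress: verdict.pinnedAddress });
}

// Offline demo over constructed inputs; the resolver answers are made up.
const demoFetch = (href, opts) => `would fetch ${href} via ${opts ? opts.pinnedAddress : "client DNS"}`;
for (const [u, addrs] of [
  ["http://169.254.169.254/latest/meta-data/", []],
  ["http://0x7f000001/admin", []],
  ["http://[::ffff:10.0.0.1]/", []],
  ["http://rebind.example/", ["93.184.216.34", "10.0.0.5"]],
  ["http://example.com/page", ["93.184.216.34"]],
]) {
  console.log("vulnerable:", vulnerableScrape(u, demoFetch));
  try { console.log("hardened:  ", hardenedScrape(u, addrs, demoFetch)); }
  catch (e) { console.log("hardened:  ", e.message); }
}
```

Run it with `node`; the loop prints one vulnerable and one hardened verdict per constructed input. The application check only covers this handler, so the SC-7 egress filter at the network boundary still belongs in place to cover every other way the process can be made to connect out.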

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SSRF vulnerability in unauthenticated public-facing HTTP Request Handler (web-scraper component) directly enables remote exploitation of a public-facing application without user interaction.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.

Deeper analysis [AI]

CVE-2026-7146 is a server-side request forgery (SSRF) vulnerability affecting the AlejandroArciniegas mcp-data-vis project up to commit de5a51525a69822290eaee569a1ab447b490746d. The issue resides in the axios function within the file src/servers/web-scraper/server.js, part of the HTTP Request Handler component. This open-source project operates on a rolling release basis, with no specific version details for affected or patched releases.

Remote attackers can exploit this vulnerability without authentication or user interaction, as reflected in its CVSS 3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). By supplying a crafted target to the vulnerable handler, an attacker can make the server issue HTTP requests on their behalf, for example to internal services that are not reachable directly from the Internet; the vector rates the resulting confidentiality, integrity and availability impacts as low.

VulDB (vuln/359745) notes that the project was informed early via GitHub issue #1 but has not responded. No upstream patch is available and the exploit has been publicly disclosed, which increases the risk for deployments running the affected commit range. Practitioners should monitor the repository at https://github.com/AlejandroArciniegas/mcp-data-vis for a fix.

The vulnerability is classified as CWE-918. No exploitation in the wild has been reported, but its public disclosure (VulDB submission 801895) heightens the urgency of auditing and isolating affected instances.

Details

CWE(s)
CWE-918 Server-Side Request Forgery (SSRF)

AI Security Analysis [AI]

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keywords: mcp

CVEs Like This One

CVE-2026-7158 (shared CWE-918)
CVE-2026-7147 (shared CWE-918)
CVE-2026-32871 (shared CWE-918)
CVE-2026-5832 (shared CWE-918)
CVE-2026-7221 (shared CWE-918)
CVE-2026-7417 (shared CWE-918)
CVE-2025-0454 (shared CWE-918)
CVE-2026-7025 (shared CWE-918)
CVE-2025-21385 (shared CWE-918)
CVE-2025-52362 (shared CWE-918)
