CVE-2026-7146 in mcp-data-visinformación

Resumen

por MITRE • 2026-04-27

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgación

2026-04-27

Moderación

aceptado

Artículo

VDB-359745

CPE

listo

CWE

CWE-918 (confirmado)

Explotación

Descargar

CVSS

7.3 (VulDB)

EPSS

0.00058

KEV

Actividades

muy bajo

Sector

Insurance, Finance, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7146
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7146
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7146/

◂ Anterior Visión De Conjunto Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!