HighCVENVD — high/critical CVEs (rolling 7d)· 9 Apr 2026

CVE-2026-5832 — A weakness has been identified in atototo api-lab-mcp up to 0.2.1. This affects…

Severity: High · Kind: Vulnerability

Plain-English summary on the way

We've ingested this item but haven't summarised it yet. Read the upstream advisory using the link below in the meantime — the AI summary will appear here once the next run completes.

From the source

A weakness has been identified in atototo api-lab-mcp up to 0.2.1. This affects the function analyze_api_spec/generate_test_scenarios/test_http_endpoint of the file src/mcp/http-server.ts of the component HTTP Interface. This manipulation of the argument source/url causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Vulnerability facts

CVE: CVE-2026-5832
CVSS: 7.3

Read the original advisory →← All threat intel

Was this useful?

00000Sign in to react

Plain-English summaries are AI-generated and reviewed for tone, not technical accuracy. For incident response, always rely on the original source linked above.