CVE-2026-46341: CWE-20: Improper Input Validation in apify apify-mcp-server
CVE-2026-46341 is a medium severity vulnerability in the apify-mcp-server prior to version 0.9.21. It involves improper input validation in the fetch-apify-docs tool, which uses String.startsWith() to validate allowlisted documentation domains instead of proper URL hostname comparison. This flaw allows attacker-controlled URLs that appear to be from allowed domains but actually redirect to malicious hosts, potentially returning arbitrary content to the language model. The issue is fixed in version 0.9.21.
AI Analysis
Technical Summary
The vulnerability in apify-mcp-server's fetch-apify-docs tool arises from improper input validation (CWE-20) and incorrect handling of relative path elements (CWE-183). The tool validates allowed documentation domains using String.startsWith() rather than verifying the URL hostname, allowing crafted URLs such as 'https://docs.apify.com.evil.com/' or 'https://[email protected]/' to bypass domain checks. This enables attackers to fetch arbitrary content from unintended hosts and return it to the language model. The vulnerability affects versions prior to 0.9.21 and is addressed by proper hostname validation in version 0.9.21.
Potential Impact
An attacker can bypass domain allowlist checks and cause the system to fetch and return arbitrary content from attacker-controlled domains. This can lead to the language model receiving malicious or misleading data, potentially impacting the integrity and reliability of automated data extraction processes. The CVSS 3.1 score is 6.1 (medium), reflecting network attack vector, low complexity, no privileges required, user interaction required, and partial confidentiality and integrity impact.
Mitigation Recommendations
This vulnerability is fixed in apify-mcp-server version 0.9.21 by correcting the domain validation logic to properly compare URL hostnames. Users should upgrade to version 0.9.21 or later to remediate this issue. No official patch or temporary fix is indicated beyond upgrading. Since this is not a cloud service, remediation depends on user action to update the software.
CVE-2026-46341: CWE-20: Improper Input Validation in apify apify-mcp-server
Description
CVE-2026-46341 is a medium severity vulnerability in the apify-mcp-server prior to version 0.9.21. It involves improper input validation in the fetch-apify-docs tool, which uses String.startsWith() to validate allowlisted documentation domains instead of proper URL hostname comparison. This flaw allows attacker-controlled URLs that appear to be from allowed domains but actually redirect to malicious hosts, potentially returning arbitrary content to the language model. The issue is fixed in version 0.9.21.
CVSS v3.1
Score 6.1medium
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in apify-mcp-server's fetch-apify-docs tool arises from improper input validation (CWE-20) and incorrect handling of relative path elements (CWE-183). The tool validates allowed documentation domains using String.startsWith() rather than verifying the URL hostname, allowing crafted URLs such as 'https://docs.apify.com.evil.com/' or 'https://[email protected]/' to bypass domain checks. This enables attackers to fetch arbitrary content from unintended hosts and return it to the language model. The vulnerability affects versions prior to 0.9.21 and is addressed by proper hostname validation in version 0.9.21.
Potential Impact
An attacker can bypass domain allowlist checks and cause the system to fetch and return arbitrary content from attacker-controlled domains. This can lead to the language model receiving malicious or misleading data, potentially impacting the integrity and reliability of automated data extraction processes. The CVSS 3.1 score is 6.1 (medium), reflecting network attack vector, low complexity, no privileges required, user interaction required, and partial confidentiality and integrity impact.
Mitigation Recommendations
This vulnerability is fixed in apify-mcp-server version 0.9.21 by correcting the domain validation logic to properly compare URL hostnames. Users should upgrade to version 0.9.21 or later to remediate this issue. No official patch or temporary fix is indicated beyond upgrading. Since this is not a cloud service, remediation depends on user action to update the software.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-13T18:37:30.990Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a5915cf68715ace436c3e55
Added to database: 07/16/2026, 17:33:03 UTC
Last enriched: 07/16/2026, 17:48:15 UTC
Last updated: 07/16/2026, 22:52:15 UTC
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.