CVE-2026-5323: Server-Side Request Forgery in priyankark a11y-mcp
A vulnerability was found in priyankark a11y-mcp up to 1.0.5. This vulnerability affects the function A11yServer of the file src/index.js. The manipulation results in server-side request forgery. The attack must be initiated from a local position. The exploit has been made public and could be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. Upgrading to version 1.0.6 is able to resolve this issue. The patch is identified as e3e11c9e8482bd06b82fd9fced67be4856f0dffc. It is recommended to upgrade the affected component. The vendor acknowledged the issue but provides additional context for the CVSS rating: "a11y-mcp is a local stdio MCP server - it has no HTTP endpoint and is not network-accessible. The caller is always the local user or an LLM acting on their behalf with user approval."
AI Analysis
Technical Summary
This vulnerability in priyankark a11y-mcp (up to 1.0.5) allows an attacker with local access to manipulate the A11yServer function, resulting in server-side request forgery. Because the server operates locally without network endpoints, exploitation requires local user privileges or an LLM acting with user approval. The product uses a rolling release model, and upgrading to version 1.0.6, which includes the patch identified by commit e3e11c9e8482bd06b82fd9fced67be4856f0dffc, mitigates the vulnerability.
Potential Impact
The vulnerability enables an attacker with local access to cause the server to make unintended requests, potentially leading to unauthorized interactions with internal resources. However, since the server is not network-accessible and requires local user or approved LLM invocation, the risk is limited to local threat scenarios. The CVSS score of 4.8 reflects this medium severity impact.
Mitigation Recommendations
A fix is available by upgrading to version 1.0.6 of priyankark a11y-mcp, which addresses the SSRF vulnerability. Users should apply this update promptly. Since the server is local-only and requires user approval for invocation, no additional network-level mitigations are necessary.
CVE-2026-5323: Server-Side Request Forgery in priyankark a11y-mcp
Description
A vulnerability was found in priyankark a11y-mcp up to 1.0.5. This vulnerability affects the function A11yServer of the file src/index.js. The manipulation results in server-side request forgery. The attack must be initiated from a local position. The exploit has been made public and could be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. Upgrading to version 1.0.6 is able to resolve this issue. The patch is identified as e3e11c9e8482bd06b82fd9fced67be4856f0dffc. It is recommended to upgrade the affected component. The vendor acknowledged the issue but provides additional context for the CVSS rating: "a11y-mcp is a local stdio MCP server - it has no HTTP endpoint and is not network-accessible. The caller is always the local user or an LLM acting on their behalf with user approval."
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability in priyankark a11y-mcp (up to 1.0.5) allows an attacker with local access to manipulate the A11yServer function, resulting in server-side request forgery. Because the server operates locally without network endpoints, exploitation requires local user privileges or an LLM acting with user approval. The product uses a rolling release model, and upgrading to version 1.0.6, which includes the patch identified by commit e3e11c9e8482bd06b82fd9fced67be4856f0dffc, mitigates the vulnerability.
Potential Impact
The vulnerability enables an attacker with local access to cause the server to make unintended requests, potentially leading to unauthorized interactions with internal resources. However, since the server is not network-accessible and requires local user or approved LLM invocation, the risk is limited to local threat scenarios. The CVSS score of 4.8 reflects this medium severity impact.
Mitigation Recommendations
A fix is available by upgrading to version 1.0.6 of priyankark a11y-mcp, which addresses the SSRF vulnerability. Users should apply this update promptly. Since the server is local-only and requires user approval for invocation, no additional network-level mitigations are necessary.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-04-01T13:12:31.763Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69ce125de6bfc5ba1db26106
Added to database: 4/2/2026, 6:53:17 AM
Last enriched: 4/9/2026, 10:42:00 PM
Last updated: 5/20/2026, 10:49:55 AM
Views: 63
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.