Threats Tagged 'cve-2026-7158'
View all threats tagged with 'cve-2026-7158'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-7158'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-7158: Server-Side Request Forgery in dmitryglhf mcp-url-downloaderCVE-2026-7158 0 CVE-2026-7158 is a server-side request forgery (SSRF) vulnerability in the dmitryglhf mcp-url-downloader project affecting the _validate_url_safe function in src/mcp_url_downloader/server.py. This vulnerability allows remote attackers to manipulate the URL argument, potentially causing the server to make unauthorized requests. The issue has been publicly disclosed, but no official vendor response or patch is currently available. The product uses a rolling release model, so specific affected or fixed versions are not clearly identified. The CVSS 4.0 base score is 6.9, indicating a medium severity level. Join the discussion | CVE Database V5 | 04/27/2026, 21:00:17 UTC Added: 04/27/2026, 21:15:19 UTC |
Showing 1 to 1 of 1 result