K-Shield.Jr 15Th

**Name of the Vulnerable Software and Affected Versions** markdownify-mcp versions prior to 0.0.3 **Description** A Server-Side Request Forgery (SSRF) issue exists in the webpage-to-markdown conversion feature. This allows an attacker to circumvent private IP restrictions using hostname-based bypass and HTTP redirect chains, potentially granting access to internal network services. SSRF is a web security flaw that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. **Recommendations** Update to version 0.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** fetch-mcp versions 1.0.2 and earlier **Description** The software is susceptible to a Server-Side Request Forgery (SSRF) issue. This allows attackers to circumvent private IP validation and gain access to internal network resources. **Recommendations** Update to a version later than 1.0.2.