Raul Onitza-Klugman

**Name of the Vulnerable Software and Affected Versions** mcp-markdownify-server versions all **Description** The issue allows an attacker to craft a prompt that, once accessed by the MCP host, will enable it to read arbitrary files from the host running the server via the get-markdown-file tool. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mcp-markdownify-server versions all **Description** The issue concerns Server-Side Request Forgery (SSRF) via the `Markdownify.get()` function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information. **Recommendations** As a temporary workaround, consider disabling the `Markdownify.get()` function until a patch is available. Restrict access to the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to minimize the risk of exploitation. Avoid using the `Markdownify.get()` function in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** aws-mcp-server (affected versions not specified) **Description** The issue is related to command injection. An attacker can craft a prompt that, once accessed by the MCP client, will run arbitrary commands on the host system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ComfyUI-Ace-Nodes (affected versions not specified) **Description** The issue concerns a Code Injection vulnerability. The ACE ExpressionEval node in ComfyUI-Ace-Nodes contains an eval() function in its entrypoint that accepts arbitrary user-controlled data, allowing a user to create a workflow that executes arbitrary code on the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ComfyUI-Bmad-Nodes (affected versions not specified) **Description** The issue is related to a code injection risk due to a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour, and FindContour custom nodes. This vulnerability can be triggered by generating a workflow that injects a crafted string into the node, resulting in the execution of arbitrary code on the server. The entrypoint function to each node contains a call to `eval` which can be exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoftwareX (affected versions not specified) **Description** The issue arises from a lack of validation of the `pip` field in a POST request sent to the "/customnode/install" endpoint, which is used to install custom nodes and is added to the server by the extension. This allows an attacker to craft a request that triggers a pip install on a user-controlled package or URL, resulting in remote code execution (RCE) on the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ComfyUI-Impact-Pack (affected versions not specified) **Description** The issue stems from missing validation of the `image.filename` field in a POST request sent to the "/upload/temp" endpoint, resulting in writing arbitrary files to the file system, which may lead to remote code execution (RCE) under certain conditions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.