Hackmd · Hackmd-Mcp · CVE-2025-59155
**Name of the Vulnerable Software and Affected Versions**
hackmd-mcp versions 1.4.0 through 1.4.9
**Description**
hackmd-mcp is a Model Context Protocol server that integrates HackMD's note-taking platform with AI assistants. A server-side request forgery (SSRF) vulnerability exists in the HTTP transport mode: arbitrary `hackmdApiUrl` values supplied via the `Hackmd-Api-Url` HTTP header or the base64-encoded JSON `config` query parameter are accepted without validation, so an attacker can redirect the server's outbound API requests to internal network services, access internal endpoints, perform network reconnaissance, and bypass network access controls. The stdio transport mode is not affected.
**Recommendations**
Update to version 1.5.0 or later.
Alternatively, switch to stdio mode by setting `TRANSPORT=stdio` or removing the `TRANSPORT` environment variable.
Restrict outbound network access using firewall rules or network policies.
Place the MCP server behind a reverse proxy that validates and filters the `Hackmd-Api-Url` header and the base64-encoded JSON `config` query parameter.
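As an added illustration of the validation the last recommendation describes (example code, not hackmd-mcp's own), the TypeScript below shows the unchecked pattern that causes the SSRF beside an allowlist check that a proxy or the server itself could apply. The header name, the base64 JSON `config` parameter and the `hackmdApiUrl` field come from the advisory; the default API URL, the precedence of header over query parameter, and the allowlist contents are assumptions.

```typescript
// Added example, not code from the hackmd-mcp project.
// Assumed default upstream API base and a constructed allowlist of hostnames.
const DEFAULT_API_URL = "https://api.hackmd.io/v1";
const ALLOWED_HOSTS = new Set<string>(["api.hackmd.io"]);

// Decode the base64 JSON `config` query parameter and pull out `hackmdApiUrl`.
// Malformed base64 or JSON yields undefined instead of throwing.
function apiUrlFromConfigParam(configB64: string): string | undefined {
  try {
    const cfg = JSON.parse(atob(configB64));
    return typeof cfg?.hackmdApiUrl === "string" ? cfg.hackmdApiUrl : undefined;
  } catch {
    return undefined;
  }
}

// Vulnerable pattern: whatever destination the client supplies is used as-is
// for outbound requests (header assumed to take precedence over the parameter).
function resolveApiUrlUnchecked(header?: string, configB64?: string): string {
  if (header) return header;
  if (configB64) {
    const fromConfig = apiUrlFromConfigParam(configB64);
    if (fromConfig) return fromConfig;
  }
  return DEFAULT_API_URL;
}

// Hardened check: parse with the WHATWG URL parser, require https, reject
// embedded credentials, and only accept an allowlisted hostname. IP literals
// and internal hostnames never match the allowlist, so they are rejected.
function isAllowedApiUrl(candidate: string): boolean {
  let url: URL;
  try {
    url = new URL(candidate);
  } catch {
    return false; // not an absolute URL
  }
  if (url.protocol !== "https:") return false;
  if (url.username !== "" || url.password !== "") return false;
  return ALLOWED_HOSTS.has(url.hostname.toLowerCase());
}

// Safe resolution: fall back to the default rather than honouring an
// unexpected destination, so a malicious value cannot steer the request.
function resolveApiUrl(header?: string, configB64?: string): string {
  const candidate = resolveApiUrlUnchecked(header, configB64);
  return isAllowedApiUrl(candidate) ? candidate : DEFAULT_API_URL;
}
```

A reverse proxy applying the same check would strip or reject the header and parameter instead of substituting the default, which is equivalent from the upstream server's point of view.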