PT-2026-22387 · Atlassian · Mcp-Attlasian (+2)
Gil-Maman-P
Published: 2026-02-27 · Updated: 2026-06-17
CVE-2026-27826
CVSS v3.1: 8.2 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions
MCP Atlassian versions prior to 0.17.0
Description
MCP Atlassian is a Model Context Protocol (MCP) server used with Atlassian products such as Confluence and Jira. Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can make the server send HTTP requests to an attacker-controlled URL by supplying specific HTTP headers without an Authorization header. The flaw lies in the HTTP middleware and dependency injection layer. In cloud environments this can lead to theft of IAM role credentials via the instance metadata endpoint (169[.]254[.]169[.]254). In any HTTP deployment it allows internal network reconnaissance and the injection of attacker-controlled content into LLM tool results. The root cause is the absence of required authentication checks for specific HTTP requests.
Recommendations
Versions prior to 0.17.0 should be updated to version 0.17.0 or later.
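As an added defensive illustration (not mcp-atlassian's own code), the following request check enforces the property the advisory describes as missing: headers that select a target Atlassian URL are only honoured when the request carries an Authorization header, and the selected URL is refused if it points at link-local, loopback or private address space such as the instance metadata endpoint. The header names, the blocked ranges and the `check_request` function are assumptions chosen for this example.

```python
import ipaddress
from urllib.parse import urlparse

# Hypothetical header names for illustration; the advisory does not name the
# headers mcp-atlassian honoured, only that they let a caller pick a target URL.
URL_OVERRIDE_HEADERS = ("x-atlassian-url", "x-jira-url", "x-confluence-url")

# Address ranges a server-side fetch should never reach on behalf of a caller.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("169.254.0.0/16"),  # link-local, incl. 169.254.169.254
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("::1/128"),
    ipaddress.ip_network("fe80::/10"),
]


def url_is_safe(url: str) -> bool:
    """Reject non-HTTP schemes, localhost, and literal IPs in blocked ranges."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    if parsed.hostname == "localhost":
        return False
    try:
        addr = ipaddress.ip_address(parsed.hostname)
    except ValueError:
        return True  # DNS name; resolution-time checks are out of scope here
    return not any(addr in net for net in BLOCKED_NETWORKS)


def check_request(headers: dict) -> tuple:
    """Return (allowed, reason) for one incoming request's headers."""
    lower = {k.lower(): v for k, v in headers.items()}  # HTTP header names are case-insensitive
    overrides = {h: lower[h] for h in URL_OVERRIDE_HEADERS if h in lower}
    # The missing check: URL-selecting headers are honoured only for
    # authenticated callers; unauthenticated requests carrying them are refused.
    if overrides and "authorization" not in lower:
        return False, "url override without Authorization header"
    for name, url in overrides.items():
        if not url_is_safe(url):
            return False, f"{name} points at a rejected destination"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample requests: unauthenticated override, authenticated
    # override into private space, and an authenticated legitimate override.
    for sample in (
        {"X-Atlassian-URL": "http://169.254.169.254/latest/meta-data/"},
        {"Authorization": "Bearer <token>", "X-Atlassian-URL": "http://10.0.0.5/"},
        {"Authorization": "Bearer <token>", "X-Atlassian-URL": "https://example.atlassian.net"},
    ):
        print(check_request(sample))
```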
Affected Products
Confluence
Jira
Mcp-Attlasian