CVE-2026-5470

Name of the Vulnerable Software and Affected Versions mixelpixx Google-Research-MCP (affected versions not specified)

Description A security issue exists in the function extractContent of the file src/services/content-extractor.service.ts within the Model Context Protocol Handler component. Manipulation of the URL argument can lead to server-side request forgery. This attack can be initiated remotely and has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.