CVE-2026-7094

Name of the Vulnerable Software and Affected Versions ShadowCloneLabs GlutamateMCPServers versions up to e2de73280b01e5d943593dd1aa2c01c5b9112f78

Description A remote server-side request forgery (SSRF) exists in the puppeteer navigate component within the file src/puppeteer/index.ts. This issue occurs when the url argument is manipulated, allowing an attacker to induce the server to make unintended requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.