PT-2026-37255 · Unknown · Open-Websearch

Published: 2026-05-05 · Updated: 2026-05-12 · CVE-2026-42260

CVSS v3.1: 8.2 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Open-WebSearch versions prior to 2.1.7
Description: An issue exists in the isPublicHttpUrl and assertPublicHttpUrl functions within src/utils/urlSafety.ts that allows non-blind Server-Side Request Forgery (SSRF), where the response body is returned to the caller. This occurs because the validation logic fails to recognize bracketed IPv6 literals and does not perform DNS resolution on hostnames. Consequently, an attacker can use bracketed IPv6 addresses (such as [::1] or IPv4-mapped addresses like [::ffff:7f00:1]) or a hostname pointing to a private IP address to bypass the security checks and access internal network resources. The fetchWebContent tool is specifically affected, as it returns the result of the request to the caller. If the HTTP server is enabled, the /mcp and /sse endpoints are exposed without authentication and with permissive CORS settings, which increases the risk of exploitation.
Recommendations: Update to version 2.1.7. As a temporary workaround, restrict access to the fetchWebContent tool or avoid providing it with URLs that may resolve to internal network addresses.
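The two gaps named in the description (bracketed IPv6 literals not recognised, hostnames never resolved) are what a hardened URL check has to close. The following is an added example of such a check, written here to illustrate the fix class; it is not the code from Open-WebSearch's src/utils/urlSafety.ts, and the Resolver type, the systemResolver default and the helper names (expandIPv6, isPrivateIPv4, isPrivateIPv6, isPrivateAddress) are assumptions made for this example. It strips the brackets that the WHATWG URL parser keeps on an IPv6 hostname, expands compressed and IPv4-mapped IPv6 literals so [::ffff:7f00:1] is classified as 127.0.0.1, and resolves non-literal hostnames through an injectable resolver, rejecting the URL if any resolved address is non-public.

```typescript
// Added example of a hardened isPublicHttpUrl / assertPublicHttpUrl (not the project's code).
import * as net from "node:net";
import { promises as dns } from "node:dns";

// Expand an IPv6 literal (compressed "::" and/or a trailing dotted quad allowed)
// into its eight 16-bit groups. Returns null if the text is not a valid IPv6 address.
export function expandIPv6(ip: string): number[] | null {
  if (net.isIP(ip) !== 6) return null;
  let text = ip.split("%")[0]; // drop a zone id such as "fe80::1%eth0"
  // Rewrite an embedded IPv4 tail ("::ffff:127.0.0.1") as two hex groups ("::ffff:7f00:1").
  const m = /^(.*:)(\d+)\.(\d+)\.(\d+)\.(\d+)$/.exec(text);
  if (m) {
    const [a, b, c, d] = m.slice(2, 6).map(Number);
    text = `${m[1]}${((a << 8) | b).toString(16)}:${((c << 8) | d).toString(16)}`;
  }
  const halves = text.split("::");
  if (halves.length > 2) return null;
  const head = halves[0] ? halves[0].split(":") : [];
  const tail = halves.length === 2 && halves[1] ? halves[1].split(":") : [];
  const missing = 8 - head.length - tail.length;
  if (missing < 0 || (halves.length === 1 && missing !== 0)) return null;
  const groups = [...head, ...Array(missing).fill("0"), ...tail].map((g) => parseInt(g, 16));
  return groups.some((g) => Number.isNaN(g) || g < 0 || g > 0xffff) ? null : groups;
}

// Non-public IPv4 ranges: loopback, RFC 1918, link-local, CGNAT, "this network", multicast/reserved.
export function isPrivateIPv4(ip: string): boolean {
  const [a, b] = ip.split(".").map(Number);
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) ||
    (a === 100 && b >= 64 && b <= 127) ||
    a >= 224
  );
}

// Non-public IPv6: unspecified, loopback, link-local, unique local, multicast,
// and IPv4-mapped addresses, which are classified by the IPv4 address they carry.
export function isPrivateIPv6(groups: number[]): boolean {
  const mapped = groups.slice(0, 5).every((g) => g === 0) && groups[5] === 0xffff;
  if (mapped) {
    const v4 = [groups[6] >> 8, groups[6] & 0xff, groups[7] >> 8, groups[7] & 0xff].join(".");
    return isPrivateIPv4(v4); // [::ffff:7f00:1] -> 127.0.0.1 -> private
  }
  const allZero = groups.every((g) => g === 0);
  const loopback = groups.slice(0, 7).every((g) => g === 0) && groups[7] === 1;
  return (
    allZero || loopback ||
    (groups[0] & 0xffc0) === 0xfe80 || // fe80::/10
    (groups[0] & 0xfe00) === 0xfc00 || // fc00::/7
    (groups[0] & 0xff00) === 0xff00    // ff00::/8
  );
}

export function isPrivateAddress(ip: string): boolean {
  const kind = net.isIP(ip);
  if (kind === 4) return isPrivateIPv4(ip);
  const groups = kind === 6 ? expandIPv6(ip) : null;
  return groups ? isPrivateIPv6(groups) : true; // anything unparsable is treated as unsafe
}

// Assumed resolver abstraction so the policy can be exercised offline; the default
// returns every address the host resolves to, not only the first one.
export type Resolver = (host: string) => Promise<string[]>;
export const systemResolver: Resolver = async (host) =>
  (await dns.lookup(host, { all: true })).map((r) => r.address);

export async function isPublicHttpUrl(raw: string, resolve: Resolver = systemResolver): Promise<boolean> {
  let url: URL;
  try { url = new URL(raw); } catch { return false; }
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;
  // URL.hostname keeps the brackets on an IPv6 literal ("[::1]"); strip them so the
  // literal is classified rather than passed through as an unrecognised string.
  const h = url.hostname;
  const host = h.startsWith("[") && h.endsWith("]") ? h.slice(1, -1) : h;
  const addresses = net.isIP(host) ? [host] : await resolve(host);
  if (addresses.length === 0) return false;
  return addresses.every((a) => !isPrivateAddress(a));
}

export async function assertPublicHttpUrl(raw: string, resolve: Resolver = systemResolver): Promise<void> {
  if (!(await isPublicHttpUrl(raw, resolve))) {
    throw new Error(`Refusing to fetch non-public URL: ${raw}`);
  }
}
```

Two design points matter for a fetch tool like fetchWebContent. First, a host that resolves to several addresses is rejected if any of them is non-public, so a mixed A/AAAA answer cannot slip a private address past the check. Second, resolving in the check and then letting the HTTP client resolve again leaves a window for the answer to change between the two lookups; the tighter pattern is to connect to the address that was validated (for example by pinning it through a custom agent) rather than re-resolving the hostname.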

Fix

Protection Mechanism Failure

SSRF

RCE

Weakness Enumeration

Related Identifiers

CVE-2026-42260
GHSA-V228-72C7-FX8J

Affected Products

Open-Websearch