CVE-2026-12210

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions python-utcp version 1.1.0

Description A server-side request forgery (SSRF) exists in the utcp-gql/utcp-websocket component of the universal-tool-calling-protocol. This issue allows a remote attacker to initiate a manipulation that results in the server making unauthorized requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2026-12210

Affected Products

Python-Utcp

CVE-2026-12210

Weakness Enumeration

Related Identifiers

Affected Products

References · 9