PT-2026-55763 · Unknown · Markdownify-Mcp
Dem0000000
·
Published
2026-07-05
·
Updated
2026-07-05
·
CVE-2026-14702
CVSS v3.1
2.5
Low
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
zcaceres markdownify-mcp versions prior to 1.1.1
Description
A flaw exists in the
saveToTempFile() function within the src/Markdownify.ts file of the webpage-to-markdown, youtube-to-markdown, and bing-search-to-markdown components. This issue results in the generation of insufficiently random values. Exploitation requires local execution and is characterized by high complexity and difficult exploitability.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Use of Insufficiently Random Values
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Markdownify-Mcp