CVE-2026-25904

Name of the Vulnerable Software and Affected Versions Pydantic-AI MCP Run Python tool (affected versions not specified)

Description The Pydantic-AI MCP Run Python tool is configured with an overly permissive Deno sandbox configuration. This allows Python code executed within the sandbox to access the localhost interface of the host system, potentially enabling Server-Side Request Forgery (SSRF) attacks. The project is archived and unlikely to receive a fix. The tool allows the underlying Python code to access the host's localhost interface. This access can be exploited to perform SSRF attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.