Description
A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.
Published: 2026-05-04
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw originates in the validateUrl function within the Directus-MCP interface, where manipulating the fileUrl argument allows an attacker to force the server to send outbound HTTP requests. This server-side request forgery can expose internal network resources, retrieve sensitive data, or interact with services that should remain inaccessible to external actors, thus threatening confidentiality and potentially availability if the server is abused to conduct further attacks.

Affected Systems

pixelsock's Directus-MCP component in version 1.0.0 is affected. No other versions or products are listed as impacted in the current data.

Risk and Exploitability

The vulnerability carries a CVSS score of 5.3, indicating moderate severity. The EPSS score is unavailable, and it is not included in CISA's KEV catalog. An attacker can initiate the exploit remotely, and the public release of the exploit makes it immediately actionable. The fix is pending acceptance of a pull request, so the risk remains until a stable update is delivered.

Generated by OpenCVE AI on May 4, 2026 at 05:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest approved release of Directus-MCP once the pending pull request is merged.
  • Limit outbound network traffic from the MCP component to a whitelist of trusted domains to mitigate the SSRF attack surface.
  • Monitor MCP logs for unexpected outbound HTTP requests and isolate any affected instances when suspicious activity occurs.
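The Impact paragraph above describes a URL validator that lets a caller-controlled fileUrl drive server-side requests, and the recommendation above is to constrain what the MCP component may fetch. The following is an added example of such a constrained validateUrl-style check; it is not pixelsock/directus-mcp's own index.ts, and the allowlisted hosts are constructed for the example.

```typescript
// Hypothetical hardened validator for a caller-controlled fileUrl (example code,
// not the project's index.ts). Constructed allowlist of hosts the server may fetch from.
const ALLOWED_HOSTS: ReadonlySet<string> = new Set([
  "files.example.com",
  "cdn.example.com",
]);

interface UrlCheck {
  ok: boolean;
  reason?: "unparseable" | "scheme" | "credentials" | "ip-literal" | "host-not-allowed" | "port";
  url?: URL;
}

// After WHATWG URL parsing, IPv4 hosts are canonical dotted-decimal (so a host
// written as "2130706433" or "0x7f000001" comes out as "127.0.0.1") and IPv6
// hosts keep their square brackets, so these two tests cover IP-literal hosts.
const IPV4_LITERAL = /^\d{1,3}(\.\d{1,3}){3}$/;
function isIpLiteral(host: string): boolean {
  return IPV4_LITERAL.test(host) || host.startsWith("[");
}

function validateFileUrl(fileUrl: string): UrlCheck {
  let url: URL;
  try {
    url = new URL(fileUrl);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  // Only https; no file:, gopher:, or plain http.
  if (url.protocol !== "https:") return { ok: false, reason: "scheme" };
  // "https://files.example.com@127.0.0.1/" parses the allowlisted name as the
  // username and 127.0.0.1 as the host, so embedded credentials are rejected outright.
  if (url.username !== "" || url.password !== "") return { ok: false, reason: "credentials" };
  // Raw IP hosts bypass name-based allowlisting, so they are rejected rather than range-checked.
  if (isIpLiteral(url.hostname)) return { ok: false, reason: "ip-literal" };
  // WHATWG URL lower-cases the hostname, so this comparison is case-insensitive.
  if (!ALLOWED_HOSTS.has(url.hostname)) return { ok: false, reason: "host-not-allowed" };
  // url.port is "" when the default port (443) is used; anything explicit is refused.
  if (url.port !== "") return { ok: false, reason: "port" };
  return { ok: true, url };
}
```

A hostname allowlist does not stop an allowlisted name from resolving to an internal address at fetch time; the HTTP client should also check the address it actually connects to.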


Advisories

No advisories yet.

History

Mon, 04 May 2026 16:15:00 +0000

Type: First Time appeared
Values Added: Pixelsock; Pixelsock directus-mcp

Type: Vendors & Products
Values Added: Pixelsock; Pixelsock directus-mcp

Mon, 04 May 2026 13:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 04 May 2026 04:30:00 +0000

Type: Description
Values Added: A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.

Type: Title
Values Added: pixelsock directus-mcp MCP index.ts validateUrl server-side request forgery

Type: Weaknesses
Values Added: CWE-918

Type: References

Type: Metrics
Values Added:
cvssV2_0 {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
cvssV3_0 {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV3_1 {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Pixelsock Directus-mcp
MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-04T12:57:18.618Z

Reserved: 2026-05-03T16:03:58.241Z

Link: CVE-2026-7729

Vulnrichment

Updated: 2026-05-04T12:57:11.952Z

NVD

Status : Deferred

Published: 2026-05-04T05:16:01.153

Modified: 2026-05-04T15:18:40.077

Link: CVE-2026-7729

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T16:06:08Z

Weaknesses