CVE-2026-32871

Exploit

EPSS 1.08%
Veröffentlicht 02.04.2026 14:52:39
Zuletzt bearbeitet 10.04.2026 15:58:07
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability

FastMCP is a Pythonic way to build MCP servers and clients. Prior to version 3.2.0, the OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A vulnerability exists in the _build_url() method. When an OpenAPI operation defines path parameters (e.g., /api/v1/users/{user_id}), the system directly substitutes parameter values into the URL template string without URL-encoding. Subsequently, urllib.parse.urljoin() resolves the final URL. Since urljoin() interprets ../ sequences as directory traversal, an attacker controlling a path parameter can perform path traversal attacks to escape the intended API prefix and access arbitrary backend endpoints. This results in authenticated SSRF, as requests are sent with the authorization headers configured in the MCP provider. This issue has been patched in version 3.2.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Jlowin ≫ Fastmcp Version < 3.2.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.08%	0.606

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
security-advisories@github.com	10	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-vv7q-7jx5-f767

Vendor Advisory

Exploit

Mitigation

https://github.com/PrefectHQ/fastmcp/pull/3507

Patch

Issue Tracking

https://github.com/PrefectHQ/fastmcp/commit/40bdfb6b1de0ce30609ee9ba5bb95ecd04a9fb71

Patch

https://github.com/PrefectHQ/fastmcp/releases/tag/v3.2.0

Product

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-32871

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-32871

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-32871

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-32871