CVE-2026-45609

Source
https://cve.org/CVERecord?id=CVE-2026-45609
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45609.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-45609
Aliases
Published
2026-05-29T13:48:06.703Z
Modified
2026-07-08T07:22:40.068732795Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N CVSS Calculator
Summary
mcp-security: Unvalidated URL Fetching (SSRF)
Details

mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol (MCP) security specifications. Specifically, it processes untrusted URLs for OAuth-related discovery and metadata without verifying if the targets are malicious or internal to the network. This only affects installations with Dynamic Client Registration (DCR) enabled This vulnerability is fixed in 0.1.9.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/45xxx/CVE-2026-45609.json",
    "cwe_ids": [
        "CWE-918"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/spring-ai-community/mcp-security

Affected ranges

Type
GIT
Repo
https://github.com/spring-ai-community/mcp-security
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:springaicommunity:mcp_security:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.1.9"
        },
        {
            "introduced": "0.1.0"
        }
    ]
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-45609.json"