Server-Side Request Forgery Vulnerability in mcp-markdownify-server by MCP
CVE-2025-5276
8.2 HIGH
What is CVE-2025-5276?
The mcp-markdownify-server package is susceptible to Server-Side Request Forgery (SSRF) through its Markdownify.get() function. An attacker can craft a specific prompt that enables unauthorized access to the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools. Because these tools can then make requests to URLs controlled by the attacker, sensitive information may be inadvertently exposed, revealing potentially exploitable data.
Affected Version(s)
mcp-markdownify-server 0
CVSS V4
Score: 8.2
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Raul Onitza-Klugman (Snyk Security Research)