Server-Side Request Forgery in HackMD's Model Context Protocol Server
CVE-2025-59155

6.9MEDIUM

Key Information:

Vendor: Yuna0x0
Status: Hackmd-mcp
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-59155?

The hackmd-mcp (Model Context Protocol server) is vulnerable to a Server-Side Request Forgery (SSRF) issue when running in HTTP transport mode. This vulnerability affects versions 1.4.0 through 1.4.x, allowing attackers to submit unvalidated hackmdApiUrl values via the Hackmd-Api-Url HTTP header or through base64-encoded JSON query parameters. By exploiting this flaw, attackers can redirect outbound API requests to internal services, potentially leading to unauthorized access to sensitive internal endpoints, performing network reconnaissance, and circumventing established network access controls. Users are encouraged to upgrade to version 1.5.0 or later, which introduces validation mechanisms and supports environment variable-based constraints for API URLs. Alternative mitigation strategies include switching to stdio transport mode, limiting outbound network access, or implementing filtering via a reverse proxy.

Affected Version(s)

hackmd-mcp >= 1.4.0, < 1.5.0

References

https://github.com/yuna0x0/hackmd-mcp/security/advisories...

x_refsource_CONFIRM

https://github.com/yuna0x0/hackmd-mcp/commit/43936c78a5bb...

x_refsource_MISC

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 9, 2025

Yuna0x0

What is CVE-2025-59155?

Affected Version(s)

References

CVSS V4

Timeline