techMEDIUM2026-05-07 20:46 UTC

CVE-2026-42449 - n8n-MCP: IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders

CVE ID :CVE-2026-42449 Published : May 7, 2026, 8:46 p.m. | 16 minutes ago Description :n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path (N8NDocumentationMCPServer constr

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · tech

[TECH] Launch: Electron | Viva La StriX (StriX Launch 9)
[TECH] Launch: Atlas V 551 | Amazon Leo (LA-07)
[TECH] Launch: Vega-C | Solar wind Magnetosphere Ionosphere Link Explorer (SMILE)
[TECH] Launch: Falcon 9 Block 5 | Starlink Group 17-42
[TECH] Launch: Starship | Flight 12
[TECH] Launch: Falcon 9 Block 5 | NROL-172

Editorial policy · Report a correction