Raul Onitza-Klugman

2 exploits Active since May 2025

CVE-2025-5273 WRITEUP MEDIUM WRITEUP

mcp-markdownify-server - Info Disclosure

All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server.

CVSS 6.5

View Code

CVE-2025-5276 WRITEUP HIGH WRITEUP

mcp-markdownify-server - Server-Side Request Forgery via Markdownify.get() Function

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information.

CVSS 7.4

View Code