CVE-2026-25904
Description
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the mcp-run-python project is archived and unlikely to receive a fix.
Risk Information
Base Score
5.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.01
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2026-25904,CVE-2026-25905 are affected in Python-mcp-run-python 0.0.22 | Windows |
| Vulnerabilities CVE-2026-25904,CVE-2026-25905 are affected in Python-mcp-run-python for linux 0.0.22 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234