CVE-2026-7729 | pixelsock directus-mcp 1.0.0 MCP Interface index.ts validateUrl fileUrl server-side request forgery

A vulnerability marked as critical has been reported in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery.

This vulnerability was named CVE-2026-7729. The attack may be initiated remotely. In addition, an exploit is available.

The pull request to fix this issue awaits acceptance.VulDB Recent EntriesRead More