CVE-2026-7146 Overview
A Server-Side Request Forgery (SSRF) vulnerability has been identified in AlejandroArciniegas mcp-data-vis, affecting the axios call (listed as the "axios function") within the src/servers/web-scraper/server.js file of the HTTP Request Handler component. An attacker who can influence the URL the scraper fetches can make the server issue HTTP requests to destinations of the attacker's choosing, potentially reaching internal resources, bypassing network security controls, or exfiltrating sensitive data from the affected system.
Critical Impact
Remote attackers can exploit this SSRF vulnerability to forge server-side requests, potentially accessing internal services, cloud metadata endpoints, or performing port scanning against internal infrastructure.
Affected Products
- AlejandroArciniegas mcp-data-vis (rolling release up to commit de5a51525a69822290eaee569a1ab447b490746d)
Discovery Timeline
- 2026-04-27 - CVE-2026-7146 published to NVD
- 2026-04-29 - Last updated in NVD database
Technical Details for CVE-2026-7146
Vulnerability Analysis
This SSRF vulnerability exists in the HTTP Request Handler component of the mcp-data-vis project, specifically where src/servers/web-scraper/server.js hands a URL to axios. The vulnerability stems from insufficient validation of user-supplied URLs before the server makes HTTP requests on the caller's behalf.
When the web scraper receives a request containing a target URL, the application does not validate or sanitize the destination before passing it to the axios library for execution. An attacker can therefore supply a URL that causes the server to make requests to arbitrary destinations, including internal network resources that are not reachable from outside the network.
The vulnerability is network-accessible and, per the advisory, exploitable remotely without authentication or user interaction. The impact includes unauthorized access to internal services, cloud instance metadata endpoints (such as AWS IMDSv1 at http://169.254.169.254/, which returns credentials without any request-side authentication), and reconnaissance against internal infrastructure.
Root Cause
The root cause of CVE-2026-7146 is insufficient validation of the destination URL in the web scraper component, classified as CWE-918 (Server-Side Request Forgery). The application passes the user-supplied URL to a server-side HTTP request without restricting the scheme, checking the host against an allowlist, or validating the address the host actually resolves to. An attacker can therefore point the request at internal IP addresses, loopback addresses, or other sensitive endpoints.
Attack Vector
The vulnerability is exploitable via network-based attacks where a remote attacker sends a crafted HTTP request to the vulnerable mcp-data-vis web scraper endpoint. The attacker manipulates the URL parameter to specify internal resources or services as the target destination.
The attack requires no authentication or privileges, and no user interaction is needed. An attacker could exploit this to:
- Access internal microservices or APIs not exposed to the internet
- Retrieve cloud provider metadata containing sensitive credentials
- Scan internal ports and enumerate services
- Bypass firewall rules and network segmentation
For detailed technical information about this vulnerability, refer to the GitHub Issue Tracker and the VulDB vulnerability entry.
Detection Methods for CVE-2026-7146
Indicators of Compromise
- Outbound HTTP requests from the mcp-data-vis server to internal IP ranges (10.x.x.x, 172.16-31.x.x, 192.168.x.x)
- Requests targeting cloud metadata endpoints such as 169.254.169.254 or metadata.google.internal
- Unusual outbound connections to localhost (127.0.0.1) or loopback addresses from the web scraper process
- HTTP requests containing internal hostnames or non-routable IP addresses in URL parameters. Attackers commonly disguise the address (decimal or hexadecimal IPv4 such as http://2130706433/, IPv6 forms such as [::1] or [::ffff:127.0.0.1], or an attacker-controlled hostname that resolves to an internal address), so match on the resolved destination of the outbound request rather than only on the literal text of the parameter
Detection Strategies
- Monitor server-side HTTP request logs for connections to internal IP ranges or metadata endpoints
- Implement network-level detection rules to alert on outbound connections from web application servers to internal infrastructure
- Log the destination of every outbound request made from src/servers/web-scraper/server.js (for example with an axios request interceptor that records the request URL before it is sent; axios does not log requests by default) and review those logs for anomalous destination URLs
- Deploy web application firewall (WAF) rules to detect SSRF payload patterns in incoming requests, treating them as a partial measure: encoded addresses, attacker-controlled hostnames and redirect chains pass through pattern matching, so egress controls and in-application validation remain the primary defence
Monitoring Recommendations
- Enable detailed logging for all outbound HTTP requests made by the axios library
- Configure network monitoring to track connections from the mcp-data-vis server to internal subnets
- Set up alerts for any requests to cloud metadata IP addresses (169.254.169.254)
- Implement egress filtering and log all denied outbound connection attempts
How to Mitigate CVE-2026-7146
Immediate Actions Required
- Restrict the mcp-data-vis web scraper functionality to trusted users only until a patch is available
- Implement network-level egress filtering to block requests from the application server to internal IP ranges
- Deploy a web application firewall with SSRF protection rules in front of the affected application
- Review and audit all recent requests to the web scraper endpoint for signs of exploitation
Patch Information
As of the last NVD update on 2026-04-29, no official patch has been released by the project maintainers. The project operates on a rolling release basis and the maintainers have been notified via the GitHub Issue Tracker but have not yet responded. Monitor the project repository for updates.
Workarounds
- Implement a URL allowlist in the application code that restricts requests to known-safe external domains, permits only http and https, resolves the hostname and rejects any resolved address in a private, loopback or link-local range, and disables redirect following (or re-validates each redirect target), since a 30x response from an allowed host can otherwise redirect the request to an internal address
- Block outbound requests to RFC 1918 private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), link-local addresses (169.254.0.0/16) and the IPv6 equivalents (::1, fc00::/7, fe80::/10 and IPv4-mapped addresses such as ::ffff:10.0.0.1)
- Disable or remove the web scraper functionality if it is not critical to operations
- Use network segmentation to isolate the mcp-data-vis server from sensitive internal resources
# Example iptables rules to block SSRF to internal networks from the application server.
# Assumes the Node.js process runs as the unprivileged user "node"; adjust --uid-owner.
# Order matters: insert ACCEPT rules for local services the app legitimately needs
# (for example a database on 127.0.0.1) before these, or the 127.0.0.0/8 rule breaks them.
iptables -A OUTPUT -m owner --uid-owner node -d 10.0.0.0/8 -j DROP
iptables -A OUTPUT -m owner --uid-owner node -d 172.16.0.0/12 -j DROP
iptables -A OUTPUT -m owner --uid-owner node -d 192.168.0.0/16 -j DROP
iptables -A OUTPUT -m owner --uid-owner node -d 169.254.0.0/16 -j DROP
iptables -A OUTPUT -m owner --uid-owner node -d 100.64.0.0/10 -j DROP
iptables -A OUTPUT -m owner --uid-owner node -d 127.0.0.0/8 -j DROP
# Mirror these with ip6tables (::1/128, fc00::/7, fe80::/10) on hosts that have IPv6.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.