Platform: nodejs
Component: mcp-browser-agent
Fixed in: 0.1.1, 0.2.1, 0.3.1, 0.4.1, 0.5.1, 0.6.1, 0.7.1, 0.8.1
A server-side request forgery (SSRF) vulnerability has been identified in imprvhub's mcp-browser-agent, affecting versions from 0.1.0 through 0.8.0. This flaw resides within the CallToolRequestSchema function of the URL Parameter Handler (src/handlers.ts) and allows attackers to manipulate request parameters to initiate unintended server-side requests. Successful exploitation could lead to unauthorized access to internal resources and sensitive data. The vulnerability has been publicly disclosed.
The SSRF vulnerability in mcp-browser-agent allows an attacker to craft malicious requests that the server will then execute on its behalf. This can be exploited to access internal services and resources that are not directly accessible from the outside world. For example, an attacker could potentially scan internal networks, access sensitive configuration files, or even interact with internal APIs. The ability to trigger arbitrary HTTP requests significantly expands the attack surface, potentially leading to data exfiltration or further compromise of the underlying infrastructure. The public disclosure of this vulnerability increases the risk of exploitation.
This vulnerability is publicly disclosed and has a medium CVSS score. A public proof-of-concept is available, increasing the likelihood of exploitation. The vulnerability was reported on 2026-04-06. The vendor was contacted but did not respond, indicating a potential lack of active maintenance for this component. It is not currently listed on CISA KEV.
Exploit Status
EPSS: 0.04% (11th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5607 is to upgrade to a patched version of mcp-browser-agent. Unfortunately, a fixed version is not yet available. As a temporary workaround, implement strict input validation on the request.params.name and request.params.arguments parameters within the URL Parameter Handler. Consider deploying a Web Application Firewall (WAF) with rules to block suspicious requests containing potentially malicious URLs. Regularly monitor logs for unusual outbound HTTP requests originating from the mcp-browser-agent component. After applying these mitigations, verify the effectiveness by attempting to trigger the SSRF vulnerability with a controlled malicious request.
Update to a patched version of imprvhub mcp-browser-agent. The vulnerability is in URL parameter handling, specifically within the CallToolRequestSchema function. Review and strengthen input validation to prevent server-side request forgery (SSRF) attacks.
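The input validation recommended above, as an added example that is not code from mcp-browser-agent: a Node.js/TypeScript check on the tool name and URL argument before a CallToolRequest is handed to the browser. The tool names `navigate` and `screenshot`, the `url` argument name and the blocked address ranges are assumptions for illustration, not taken from src/handlers.ts.

```typescript
// Added example, not code from mcp-browser-agent: allowlist-style validation of the
// tool name and URL argument before a CallToolRequest reaches the browser. The tool
// names, the `url` argument name and the blocked ranges are assumptions for
// illustration, not taken from src/handlers.ts.
import { isIP } from "node:net";

const ALLOWED_TOOLS = new Set(["navigate", "screenshot"]); // hypothetical tool names
type ValidationResult = { ok: true; url: string } | { ok: false; reason: string };

// Literal hosts a browser automation server must never be pointed at. Names that
// are not IP literals return false here and still need a post-resolution check.
function isInternalHost(hostname: string): boolean {
  const host = hostname.replace(/^\[|\]$/g, "").replace(/\.$/, "").toLowerCase();
  if (host === "localhost" || host.endsWith(".localhost") || host.endsWith(".internal")) return true;
  const family = isIP(host);
  if (family === 4) {
    const [a, b] = host.split(".").map(Number);
    return a === 0 || a === 10 || a === 127 ||
      (a === 169 && b === 254) ||           // link-local, incl. cloud metadata endpoints
      (a === 172 && b >= 16 && b <= 31) ||
      (a === 192 && b === 168) ||
      (a === 100 && b >= 64 && b <= 127);   // shared address space (CGNAT)
  }
  if (family === 6) { // WHATWG URL parsing already compresses and lower-cases IPv6 literals
    return host === "::" || host === "::1" || host.startsWith("::ffff:") ||
      host.startsWith("fc") || host.startsWith("fd") || host.startsWith("fe80");
  }
  return false;
}

function validateToolRequest(name: string, args: Record<string, unknown>): ValidationResult {
  if (!ALLOWED_TOOLS.has(name)) return { ok: false, reason: `unknown tool: ${name}` };
  const raw = args["url"];
  if (typeof raw !== "string" || raw.length > 2048) return { ok: false, reason: "url must be a short string" };
  let parsed: URL;
  try {
    parsed = new URL(raw); // normalises 127.1, 0x7f000001 and 2130706433 to dotted-quad form
  } catch {
    return { ok: false, reason: "malformed url" };
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
    return { ok: false, reason: `scheme not allowed: ${parsed.protocol}` };
  }
  if (parsed.username || parsed.password) return { ok: false, reason: "credentials in url" };
  if (isInternalHost(parsed.hostname)) return { ok: false, reason: `internal host rejected: ${parsed.hostname}` };
  return { ok: true, url: parsed.href };
}
```

This only covers literal addresses: a DNS name that passes must be resolved and the resolved address checked again (and pinned for the actual connection), otherwise a name that resolves to an internal address, or changes between check and use, slips through.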
CVE-2026-5607 is a server-side request forgery vulnerability affecting versions 0.1.0–0.8.0 of imprvhub's mcp-browser-agent, allowing attackers to trigger unintended server-side requests.
You are affected if you are using mcp-browser-agent versions 0.1.0 through 0.8.0. Upgrading is recommended, although a fix is not yet available.
Upgrade to a patched version when available. Until then, implement input validation and WAF rules to mitigate the risk.
Due to the public disclosure and availability of a proof-of-concept, active exploitation is likely.
As of the disclosure date, the vendor has not released an official advisory. Monitor imprvhub's website and security channels for updates.