munio security research

CVE-2026-33060: SSRF in ckan-mcp-server

Server-Side Request Forgery (SSRF) in ckan-mcp-server allows an attacker to make the server send requests to internal network resources.

Summary

The ckan-mcp-server MCP server is vulnerable to Server-Side Request Forgery (SSRF). An attacker can craft tool call parameters that cause the server to make HTTP requests to internal network resources, potentially accessing metadata endpoints, internal APIs, or other services not intended to be publicly reachable.

Details

Impact

An attacker who can influence tool call parameters may be able to:

Remediation

Disclosure

Disclosed March 16, 2026 through responsible disclosure.