What happened
CVE-2026-14748 (CVSS 6.3 Medium, published 2026-07-05) is an SSRF vulnerability in an MCP server tool that summarizes wiki content, reachable by manipulating the url argument passed to the tool.
Why it matters
MCP servers are directly callable by LLM agents; an SSRF here lets a prompt-injected or malicious agent request internal cloud metadata endpoints or internal services from the MCP server's network position.
Attack vector
The wiki-summary MCP tool accepts a caller-supplied url argument without adequate validation, allowing an attacker to make the MCP server issue requests to arbitrary internal or external endpoints (SSRF).
Affected systems
AIAnytime Awesome-MCP-Server, mcp-wiki/wiki-summary component (up to commit a884bb51bcd99e08e14fd712c749d55d9d9a13ab)
Mitigation
No fix version confirmed at disclosure; restrict MCP tool network egress and validate/allowlist target URLs.