{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T08:49:35.967","vulnerabilities":[{"cve":{"id":"CVE-2026-25904","sourceIdentifier":"reefs@jfrog.com","published":"2026-02-09T09:16:33.850","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the \"mcp-run-python\" project is archived and unlikely to receive a fix."},{"lang":"es","value":"La herramienta Pydantic-AI MCP Run Python configura el sandbox de Deno con una configuración excesivamente permisiva que permite al código Python subyacente acceder a la interfaz localhost del host para realizar ataques SSRF. Nota - el proyecto 'mcp-run-python' está archivado y es poco probable que reciba una solución."}],"metrics":{"cvssMetricV31":[{"source":"reefs@jfrog.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.7}]},"weaknesses":[{"source":"reefs@jfrog.com","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://research.jfrog.com/vulnerabilities/mcp-run-python-deno-ssrf-jfsa-2026-001653029/","source":"reefs@jfrog.com"}]}}]}