CVE-2025-59163: vet MCP Server SSE Transport DNS Rebinding Vulnerability

September 29, 2025 (updated September 30, 2025)

SafeDep vet is vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation.

To exploit this vulnerability following conditions must be met:

A vet scan is executed and reports are saved as sqlite3 database
A vet MCP server is running on default port with SSE transport that has access to the report database
The attacker lures the victim to attacker controlled website
Attacker leverages DNS rebinding to access vet SSE server on 127.0.0.1 through the website
Attacker uses MCP tools to read information from report database

References

github.com/advisories/GHSA-6q9c-m9fr-865m
github.com/safedep/vet
github.com/safedep/vet/commit/0ae3560ba11846375812377299fe078d45cc3d48
github.com/safedep/vet/releases/tag/v1.12.5
github.com/safedep/vet/security/advisories/GHSA-6q9c-m9fr-865m
nvd.nist.gov/vuln/detail/CVE-2025-59163

Code Behaviors & Features

Detect and mitigate CVE-2025-59163 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →