CVE-2025-59155: HackMD MCP Server has Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery (SSRF) vulnerability affects all users running the HackMD MCP server in HTTP mode. The server builds its upstream HackMD API requests from a configurable hackmdApiUrl base, and in HTTP mode that value could be supplied by the client: attackers could pass arbitrary hackmdApiUrl values through an HTTP header (Hackmd-Api-Url) or through base64-encoded JSON query parameters, so the server's API calls go wherever the request points them. This allows malicious users to:
- Redirect API calls to internal network services
- Potentially access sensitive internal endpoints
- Perform network reconnaissance through the server
- Bypass network access controls
The vulnerability is specific to the HTTP transport mode; stdio mode is not affected, because it only accepts requests over its own standard input rather than from network clients. The fix commit and release v1.5.0 are listed in the references below.
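The pattern described above, as an added example that is not code from the hackmd-mcp project: a minimal resolver that takes the upstream API base URL from the incoming request (the vulnerable shape) next to one that treats the base URL as operator configuration and only accepts request-supplied values from an allowlist. The Hackmd-Api-Url header and the hackmdApiUrl JSON key come from the advisory; the query-parameter name config, the Express-style request shape, the function names and the sample attacker requests are assumptions constructed for this example.

```typescript
// Added example (not the hackmd-mcp project's code): how an MCP HTTP transport ends up
// trusting a client-supplied upstream API URL, and one way to pin it.
// `Hackmd-Api-Url` and `hackmdApiUrl` are named in the advisory; the `config` query
// parameter, the request shape and the function names are assumptions.

export const DEFAULT_API_URL = "https://api.hackmd.io/v1";

// Minimal stand-in for a Node/Express request: header names are lower-cased by the runtime.
export interface RequestLike {
  headers: Record<string, string | undefined>;
  query: Record<string, string | undefined>;
}

// Decodes `?config=<base64 JSON>` into an object; anything malformed yields {}.
export function parseConfigQuery(encoded: string | undefined): Record<string, unknown> {
  if (!encoded) return {};
  try {
    const parsed: unknown = JSON.parse(Buffer.from(encoded, "base64").toString("utf8"));
    return parsed !== null && typeof parsed === "object" ? (parsed as Record<string, unknown>) : {};
  } catch {
    return {};
  }
}

// Client-supplied candidate for the upstream base URL: header first, then the JSON query.
function requestedApiUrl(req: RequestLike): string | undefined {
  const fromHeader = req.headers["hackmd-api-url"];
  if (typeof fromHeader === "string" && fromHeader !== "") return fromHeader;
  const fromQuery = parseConfigQuery(req.query["config"])["hackmdApiUrl"];
  return typeof fromQuery === "string" ? fromQuery : undefined;
}

// VULNERABLE: whatever the client sent becomes the base for every upstream call, so the
// server will fetch from http://169.254.169.254/... or an internal 10.0.0.0/8 service.
export function resolveApiUrlVulnerable(req: RequestLike): string {
  return requestedApiUrl(req) ?? DEFAULT_API_URL;
}

// Allowlist check for the hardened resolver: parse with the WHATWG URL parser rather than
// string matching, require https, refuse embedded credentials, and demand an exact hostname
// match. An IP blocklist is the wrong tool here: 0x7f000001, 2130706433 and
// [::ffff:127.0.0.1] are all valid spellings of loopback, and any DNS name can resolve inward.
export function isAllowedUpstream(candidate: string, allowedHosts: readonly string[]): boolean {
  let url: URL;
  try {
    url = new URL(candidate);
  } catch {
    return false;
  }
  if (url.protocol !== "https:") return false;
  if (url.username !== "" || url.password !== "") return false;
  return allowedHosts.includes(url.hostname);
}

// HARDENED: the upstream URL is deployment configuration (e.g. an environment variable set
// by the operator). A request may only pick an operator-approved host; anything else is
// rejected with an error instead of being proxied, so probes fail loudly.
export function resolveApiUrlHardened(
  req: RequestLike,
  configuredUrl: string = DEFAULT_API_URL,
  allowedHosts: readonly string[] = [new URL(DEFAULT_API_URL).hostname],
): string {
  const requested = requestedApiUrl(req);
  if (requested === undefined) return configuredUrl;
  if (!isAllowedUpstream(requested, allowedHosts)) {
    throw new Error(`rejected client-supplied hackmdApiUrl: ${requested}`);
  }
  return requested;
}

// Constructed attacker requests (not captured traffic): the cloud metadata service via the
// header, and an internal service via the base64-encoded JSON query parameter.
export const metadataViaHeader: RequestLike = {
  headers: { "hackmd-api-url": "http://169.254.169.254/latest/meta-data/" },
  query: {},
};
export const internalViaQuery: RequestLike = {
  headers: {},
  query: {
    config: Buffer.from(JSON.stringify({ hackmdApiUrl: "http://10.0.0.5:8500" })).toString("base64"),
  },
};
```

The simplest fix is to drop request-supplied base URLs entirely and read the value from server configuration only; the allowlist variant above is for deployments that genuinely need to select between a few approved HackMD instances. Whichever is chosen, the HTTP client that makes the upstream calls should also have redirect following disabled, since an allowed host that answers with a 302 to an internal address reintroduces the same problem.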
References
- https://github.com/advisories/GHSA-g5cg-6c7v-mmpw
- https://github.com/yuna0x0/hackmd-mcp
- https://github.com/yuna0x0/hackmd-mcp/commit/43936c78a5bb3dedc74e8f080607a1125caa8c13
- https://github.com/yuna0x0/hackmd-mcp/releases/tag/v1.5.0
- https://github.com/yuna0x0/hackmd-mcp/security/advisories/GHSA-g5cg-6c7v-mmpw
- https://nvd.nist.gov/vuln/detail/CVE-2025-59155