
MCPHub CVE-2025-11286

Severity: LOW (CVSS 4.0 base score 2.0, NVD)
Weakness: Server-Side Request Forgery (SSRF) (CWE-918)
Published: 2025-10-05 by cna@vuldb.com

Severity by source

NVD (primary): 2.0 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD; NVD is the only scoring source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: X

Lifecycle Timeline

1. Analysis Generated: Apr 29, 2026 - 01:31 (vuln.today)

Description (CVE.org)

A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of the argument baseUrl causes server-side request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Analysis (AI)

Server-side request forgery (SSRF) in MCPHub up to version 0.9.10 allows authenticated high-privilege users to manipulate the baseUrl argument in the MCPRouter Service, causing the server to issue arbitrary HTTP requests. Exploitation requires a high privilege level. Proof-of-concept code is publicly available, though EPSS analysis suggests a limited probability of real-world exploitation despite the public disclosure.

Technical Context (AI)

The vulnerability exists in src/controllers/serverController.ts within MCPHub's MCPRouter Service component. CWE-918 (Server-Side Request Forgery) identifies the root cause: improper validation of user-supplied baseUrl parameters allows attackers to craft requests that make the vulnerable server initiate connections to unintended internal or external endpoints. This enables reconnaissance of internal services, exfiltration of metadata, or interaction with restricted resources that the server process can access but external attackers cannot directly reach.

Remediation (AI)

No vendor-released patch was identified at the time of analysis, and the vendor has not responded to disclosure attempts. Immediate mitigations: restrict access to MCPHub's MCPRouter Service configuration endpoints to the high-privilege accounts that need it, via role-based access control or network segmentation, and limit which users can modify baseUrl parameters; implement egress filtering on the MCPHub server so it cannot reach sensitive internal services (databases, metadata endpoints, administrative interfaces); review and disable any MCPRouter Service features that accept user-supplied baseUrl inputs if they are not operationally critical. Monitor outbound HTTP connections from MCPHub processes for suspicious destinations (internal IP ranges, cloud metadata services such as 169.254.169.254). If MCPHub is mission-critical and an update is not forthcoming, evaluate alternative MCP router implementations with active maintenance.
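The mitigations above combine access control, egress filtering and monitoring; the application-side piece that a maintainer or integrator would add is input validation of the baseUrl before the server opens any connection. The following is an added example written for this page, not MCPHub's code and not taken from src/controllers/serverController.ts. The function names validateBaseUrl, parseIPv4 and isBlockedIPv4 are hypothetical. It accepts only absolute http/https URLs without embedded credentials, rejects loopback, private, link-local (including 169.254.169.254) and other reserved IPv4 literals, rejects IPv6 literals outright rather than letting ::1 through unchecked, and optionally enforces an operator-supplied host allow-list.

```typescript
// Added example (not MCPHub's code): allow-list style validation of a
// user-supplied baseUrl before the server makes a request to it.
// All function and type names here are hypothetical.

interface BaseUrlCheck {
  ok: boolean;
  reason: string;
}

// Parse a dotted-quad IPv4 literal into four octets, or return null if the
// host is not one. WHATWG URL parsing (Node's URL) has already normalised
// forms such as "2130706433" or "0x7f.1" to "127.0.0.1" by the time we see it.
function parseIPv4(host: string): number[] | null {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const octets = m.slice(1).map(Number);
  return octets.every((o) => o >= 0 && o <= 255) ? octets : null;
}

// IPv4 ranges the server must never be asked to reach on a user's behalf.
function isBlockedIPv4(octets: number[]): boolean {
  const [a, b] = octets;
  return (
    a === 0 ||                             // 0.0.0.0/8 "this" network
    a === 10 ||                            // 10.0.0.0/8 private
    a === 127 ||                           // 127.0.0.0/8 loopback
    (a === 100 && b >= 64 && b <= 127) ||  // 100.64.0.0/10 carrier-grade NAT
    (a === 169 && b === 254) ||            // 169.254.0.0/16 link-local, incl. cloud metadata 169.254.169.254
    (a === 172 && b >= 16 && b <= 31) ||   // 172.16.0.0/12 private
    (a === 192 && b === 168) ||            // 192.168.0.0/16 private
    a >= 224                               // multicast and reserved
  );
}

// Validate a baseUrl supplied through the API. An empty allow-list means
// "any public host"; a non-empty one restricts to exactly those hostnames.
function validateBaseUrl(input: string, allowedHosts: string[] = []): BaseUrlCheck {
  let url: URL;
  try {
    url = new URL(input);
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: `scheme ${url.protocol} not allowed` };
  }
  if (url.username || url.password) {
    return { ok: false, reason: "credentials in URL not allowed" };
  }
  const host = url.hostname.toLowerCase();
  // Node's URL keeps IPv6 literals bracketed in hostname; reject them all
  // until a per-range IPv6 check exists instead of letting ::1 through.
  if (host.startsWith("[")) {
    return { ok: false, reason: "IPv6 literals not allowed" };
  }
  if (host === "localhost" || host.endsWith(".localhost")) {
    return { ok: false, reason: "loopback hostname not allowed" };
  }
  const v4 = parseIPv4(host);
  if (v4 && isBlockedIPv4(v4)) {
    return { ok: false, reason: `address ${host} is in a blocked range` };
  }
  if (allowedHosts.length > 0 && !allowedHosts.includes(host)) {
    return { ok: false, reason: `host ${host} is not on the allow-list` };
  }
  return { ok: true, reason: "ok" };
}

// Constructed sample inputs for a stand-alone run.
const samples = [
  "https://api.example.com/v1",
  "http://169.254.169.254/latest/meta-data/",
  "http://2130706433/",
  "file:///etc/passwd",
];
for (const s of samples) {
  const r = validateBaseUrl(s);
  console.log(`${r.ok ? "ALLOW" : "BLOCK"} ${s} (${r.reason})`);
}
```

A literal-IP check like this only covers what the URL parser hands back; a hostname that resolves to an internal address, or that rebinds between validation and the request, still gets through, so in a deployment the check should be repeated on the resolved address at connection time and paired with the egress filtering recommended above.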
