neuron-core/neuron-ai is vulnerable to Server-Side Request Forgery (SSRF)
78
High Risk
The package fixed an improper validation issue in SseHttpTransport where attacker-controlled absolute or protocol-relative URIs were accepted without verifying that they resolved to the same MCP server host. This could allow a malicious endpoint value to redirect requests to an external server, potentially enabling SSRF, credential leakage, or unauthorized outbound connections. An attacker able to influence the request target could supply a crafted http://, https://, or // URI pointing to infrastructure they control, causing the application to send requests, headers, or sensitive data outside the trusted host boundary.
You are affected if you are using a version that falls within the vulnerable range.
neuron-core/neuron-ai is vulnerable to Server-Side Request Forgery (SSRF) in versions 2.4.0 - 3.14.6.
Upgrade the neuron-core/neuron-ai library to the patched version.
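The same-host check described above, sketched in PHP as an added example; it is not the library's code or its actual patch. The helper names `resolveSameOrigin` and `defaultPort`, the sample hosts, and the choice to treat endpoint paths as root-relative are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added illustration: hypothetical helpers, not code from neuron-core/neuron-ai.

function defaultPort(string $scheme): ?int
{
    // Lets https://host and https://host:443 compare as the same origin.
    return ['http' => 80, 'https' => 443][$scheme] ?? null;
}

function resolveSameOrigin(string $baseUrl, string $endpoint): string
{
    $base = parse_url($baseUrl);
    if ($base === false || !isset($base['scheme'], $base['host'])) {
        throw new InvalidArgumentException('Base URL must be absolute');
    }
    $scheme = strtolower($base['scheme']);
    $host = strtolower($base['host']);
    $port = $base['port'] ?? defaultPort($scheme);
    // Whitespace, control bytes and backslashes are parsed inconsistently across URL parsers.
    if (preg_match('/[\x00-\x20\\\\]/', $endpoint)) {
        throw new UnexpectedValueException('Endpoint contains illegal characters');
    }
    $target = parse_url($endpoint);
    if ($target === false || (isset($target['scheme']) && !isset($target['host']))) {
        throw new UnexpectedValueException('Endpoint is not a usable URI');
    }
    if (isset($target['host'])) {
        // Absolute (http://, https://) or protocol-relative (//) form: must match the base origin.
        $tScheme = strtolower($target['scheme'] ?? $scheme);
        $tPort = $target['port'] ?? defaultPort($tScheme);
        if ($tScheme !== $scheme || strtolower($target['host']) !== $host || $tPort !== $port) {
            throw new UnexpectedValueException('Endpoint leaves the configured server origin');
        }
    }
    // Rebuild from the trusted origin; assumption: endpoint paths are root-relative.
    $url = $scheme . '://' . $host . (isset($base['port']) ? ':' . $base['port'] : '')
        . '/' . ltrim($target['path'] ?? '', '/');
    return isset($target['query']) ? $url . '?' . $target['query'] : $url;
}

// Constructed sample values.
$base = 'https://mcp.internal.example/sse';
foreach (['/messages?sessionId=abc', 'https://mcp.internal.example:443/messages',
          '//other.example/messages', 'http://other.example/messages'] as $endpoint) {
    try {
        echo "accepted: ", resolveSameOrigin($base, $endpoint), PHP_EOL;
    } catch (UnexpectedValueException $e) {
        echo "rejected: {$endpoint} ({$e->getMessage()})", PHP_EOL;
    }
}
```

The returned URL is always rebuilt from the configured scheme, host and port, so nothing from the endpoint value other than its path and query reaches the outbound request.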