GHSA-6q9c-m9fr-865m: vet MCP Server SSE Transport DNS Rebinding Vulnerability

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2025-59163

vet MCP Server SSE Transport DNS Rebinding Vulnerability

Low severity GitHub Reviewed Published Sep 29, 2025 in safedep/vet • Updated Sep 29, 2025

Package

gomod github.com/safedep/vet (Go)

Affected versions

< 1.12.5

SafeDep vet is vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation.

To exploit this vulnerability following conditions must be met:

1. A vet scan is executed and reports are saved as sqlite3 database
2. A vet MCP server is running on default port with SSE transport that has access to the report database
3. The attacker lures the victim to attacker controlled website
4. Attacker leverages DNS rebinding to access vet SSE server on 127.0.0.1 through the website
5. Attacker uses MCP tools to read information from report database

Impact

Data from vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE mode with default ports through the sqlite3 query MCP tool.

Patches

• v1.12.5 is released that patches the issue with Host and Origin header allow list and validation

Workarounds

• Use stdio (default) transport for SSE server

References

• GHSA-6q9c-m9fr-865m
• safedep/vet@0ae3560

Published to the GitHub Advisory Database

Sep 29, 2025

Last updated

Sep 29, 2025