TencentCloudBase CloudBase-MCP SSRF Vulnerability (CVE-2026-7221)
The National Vulnerability Database has disclosed CVE-2026-7221, a high-severity Server-Side Request Forgery (SSRF) vulnerability impacting TencentCloudBase CloudBase-MCP up to version 2.17.0. The flaw resides in the openUrl function within the mcp/src/interactive-server.ts file, specifically in the open-url API Endpoint component. Attackers can manipulate the req.body.url argument to trigger the SSRF, allowing remote exploitation.
This vulnerability, assigned a CVSS v3.1 score of 7.3 (High), enables attackers to force the server to make requests to arbitrary locations, potentially leading to information disclosure, port scanning of internal networks, or even interaction with internal services. The National Vulnerability Database confirms that an exploit for CVE-2026-7221 has been made public, significantly raising the risk profile for unpatched systems. Defenders should assume active exploitation is imminent or already occurring.
Tencent has addressed this issue in version 2.17.1. The National Vulnerability Database recommends immediate upgrade of affected components to mitigate the risk. The specific patch is identified as 3f678a1e7bd400cd76469d61024097d4920dc6b5.
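As defence in depth alongside the upgrade, a handler that takes a destination from req.body.url can classify it before opening it. The following is an added example, not CloudBase-MCP code and not the 2.17.1 patch; checkOpenUrl, isBlockedV4 and the deny list are hypothetical names and assumptions.

```javascript
// Added example (not CloudBase-MCP code): classify a user-supplied URL
// before a server-side handler opens it. All names are hypothetical.

// Assumed deny list: "this network", RFC 1918, CGNAT, loopback, and
// link-local (which covers the 169.254.169.254 metadata address).
const BLOCKED_V4 = [
  ["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10], ["127.0.0.0", 8],
  ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16],
];

// Dotted quad -> unsigned integer, using arithmetic to avoid 32-bit overflow.
const toInt = (ip) => ip.split(".").reduce((n, o) => n * 256 + Number(o), 0);

function isBlockedV4(ip) {
  const addr = toInt(ip);
  return BLOCKED_V4.some(([base, bits]) => {
    const size = 2 ** (32 - bits); // number of addresses in the prefix
    return Math.floor(addr / size) === Math.floor(toInt(base) / size);
  });
}

// Returns "allow", "resolve" (hostname: resolve it, then run isBlockedV4 on
// every returned address and connect only to a checked one), or "reject: ...".
function checkOpenUrl(raw) {
  let url;
  try {
    url = new URL(String(raw));
  } catch {
    return "reject: unparseable";
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return "reject: scheme";
  if (url.username || url.password) return "reject: credentials in URL";
  // Test the parser's hostname, not the raw string: the WHATWG URL parser has
  // already rewritten hex, octal and single-integer IPv4 forms as a dotted quad.
  const host = url.hostname;
  if (host.startsWith("[")) return "reject: IPv6 literal"; // conservative policy
  if (host === "localhost" || host.endsWith(".localhost")) return "reject: internal address";
  if (/^\d+\.\d+\.\d+\.\d+$/.test(host)) {
    return isBlockedV4(host) ? "reject: internal address" : "allow";
  }
  return "resolve";
}

// Constructed sample inputs.
for (const u of ["https://example.com/docs", "http://169.254.169.254/", "file:///etc/passwd"]) {
  console.log(u, "->", checkOpenUrl(u));
}
```

Redirect targets need the same check, since a permitted first hop can redirect to an internal address.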
What This Means For You
- If your organization utilizes TencentCloudBase CloudBase-MCP, you are directly exposed to CVE-2026-7221. An SSRF vulnerability with a public exploit is a critical risk. You need to identify all instances running CloudBase-MCP and patch to version 2.17.1 immediately. Audit logs for any unusual outbound connections from these servers, especially to internal IP ranges or unexpected external destinations.
🛡️ Detection Rules
3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK.
CVE-2026-7221 - TencentCloudBase CloudBase-MCP openUrl SSRF
```yaml
title: CVE-2026-7221 - TencentCloudBase CloudBase-MCP openUrl SSRF
id: scw-2026-04-28-ai-1
status: experimental
level: high
description: |
  Detects attempts to exploit the CVE-2026-7221 vulnerability in TencentCloudBase CloudBase-MCP by targeting the '/open-url' API endpoint via a POST request. This SSRF vulnerability allows remote attackers to forge requests from the server.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7221/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    uri|contains:
      - '/open-url'
    cs-method:
      - 'POST'
  condition: selection
falsepositives:
  - Legitimate administrative activity
```
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7221 | SSRF | TencentCloudBase CloudBase-MCP up to 2.17.0 |
| CVE-2026-7221 | SSRF | openUrl function in mcp/src/interactive-server.ts |
| CVE-2026-7221 | SSRF | Vulnerable component: open-url API Endpoint |
| CVE-2026-7221 | SSRF | Manipulation of argument req.body.url |
Source & Attribution
| Source Platform | NVD |
|---|---|
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 07:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.