A vulnerability classified as critical has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcp_wiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side request forgery.

This vulnerability appears as CVE-2026-14748. The attack may be initiated remotely. In addition, an exploit is available.

This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

The project was informed of the problem early through an issue report but has not responded yet.