SSRF in Sooperset Mcp-atlassian
CVE-2026-27826
MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make ou…
Vulnerability class: SSRF (Server-Side Request Forgery)
EPSS: 0.001 (25.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N.
Affected products
- Sooperset Mcp-atlassian — versions < 0.17.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-27826?
- CVE-2026-27826 is a high-severity vulnerability in Sooperset Mcp-atlassian, classified under Server-Side Request Forgery (SSRF). CVSS score: 8.2/10. Published 2026-03-10.
- How severe is CVE-2026-27826?
- High severity. CVSS v3 base score is 8.2 out of 10.