CVE-2025-9611
CVE-2025-9611 is a high-severity vulnerability with a CVSS 4.0 base score of 7.2. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-749.
Key facts
- Severity: High (CVSS 4.0 base score 7.2)
- EPSS exploit prediction: 1% (63rd percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-1179
- Weakness: CWE-749
- Published:
- Last modified:
Description
Microsoft Playwright MCP Server versions prior to 0.0.40 fails to validate the Origin header on incoming connections. This allows an attacker to perform a DNS rebinding attack via a victim’s web browser and send unauthorized requests to a locally running MCP server, resulting in unintended invocation of MCP tool endpoints.
Frequently asked questions
- What is CVE-2025-9611?
- Microsoft Playwright MCP Server versions prior to 0.0.40 fails to validate the Origin header on incoming connections. This allows an attacker to perform a DNS rebinding attack via a victim’s web browser and send unauthorized requests to a locally running MCP server, resulting in unintended invocation of MCP tool endpoints.
- How severe is CVE-2025-9611?
- CVE-2025-9611 has a CVSS 4.0 base score of 7.2, rated high severity.
- Is CVE-2025-9611 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (63rd percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-9611?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2025-9611 have an EU (EUVD) identifier?
- Yes. CVE-2025-9611 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-1179.
- When was CVE-2025-9611 published?
- CVE-2025-9611 was published on 2026-01-07 and last updated on 2026-06-17.
References
- https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-8rgw-6xp9-2fg3
- https://github.com/microsoft/playwright/commit/1313fbd
- https://www.vulncheck.com/advisories/microsoft-playwright-mcp-server-dns-rebinding-via-missing-origin-header-validation
Other CWE-749 vulnerabilities
- CVE-2023-40151 — Critical (CVSS 10.0): When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK…
- CVE-2026-55454 — Critical (CVSS 9.9): Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the bundled Caddy…
- CVE-2026-30957 — Critical (CVSS 9.9): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, OneUptime Synthetic Monitors…
- CVE-2026-30921 — Critical (CVSS 9.9): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.20, OneUptime Synthetic Monitors…
- CVE-2019-18342 — Critical (CVSS 9.9): A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The SFTP service (default…
- CVE-2025-59403 — Critical (CVSS 9.8): The Flock Safety Android Collins application (aka com.flocksafety.android.collins) 6.35.31 for Android lacks…