Airtable MCP (SSRF)
v0.1.8
Verified
Airtable database integration. WARNING: SSRF vulnerability in attachment URL handling.
By CommunityMIT
typescript
database
680stars
17.0Kdownloads
90forks
Scanned Feb 8, 2026
D35%
Scanned 3w ago
Poor Security
Vulnerabilities Found
2Crit
3High
3Med
3Low
4Info
Security ScoreD
35
out of 100
Vulnerabilities Found
2
Crit
3
High
3
Medi
3
Low
4
Info
Last scanned: 2/8/2026
Quality ScoreF
48
out of 100
48
Maint.
45
Popular
48
Docs
51
Compat
Maintenance48%
Popularity45%
Documentation48%
Compatibility51%
Maintenance48
Recent
11 days agoCommit Frequency44%
Release Frequency48%
Issue Response44%
Popularity45
680
Stars
17.0K
Downloads
90
Forks
Stars Score53%
Downloads Score58%
Forks Score54%
Documentation48
README Quality77%
Available Documentation
API DocsExamplesChangelog
Compatibility51
MCP Spec Compliance53%
Transport Support50%
Features
TypeScript
Supported Transports
STDIO
Vulnerabilities(15)
2Critical
3High
3Medium
3Low
4Info
Filter:
READMEAirtable MCP (SSRF)
Airtable MCP
⚠️ SSRF VULNERABILITY ⚠️
Issue
Attachment URL processing does not validate URLs, allowing SSRF attacks.
Attack
An attacker can create an attachment URL pointing to:
- Internal services (metadata APIs)
- Cloud provider credentials endpoints
- Internal network resources
Mitigation
Validate and restrict allowed URL schemes and hosts.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/airtable-mcp-ssrf)Need more customization options?Badge Documentation
Server Information
- Source
- NPM
- Package
- airtable-mcp-vuln
- Version
- 0.1.8
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Feb 8, 2026