pkg:npm/open-websearch

所有已知漏洞

• HIGH8.2CVE-2026-42260open-websearch has SSRF in `fetchWebContent` MCP tool: bracketed IPv6 literals and non-resolving hostname check bypass `isPrivateOrLocalHostname`
  from 0, < 2.1.7