80 matches found
CVE-2026-7319
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
CVE-2026-7319
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
CVE-2026-7319
CVE-2026-7319 affects elinsky execution-system-mcp 0.1.0. The vulnerability is in the function _get_context_file_path (src/execution_system_mcp/server.py, add_action Tool), where improper handling of the context argument enables path traversal. Attack can be initiated remotely; the exploit has be...
CVE-2026-7319 elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
CVE-2026-7319
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
EUVD-2026-26156
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
CVE-2026-7319 elinsky execution-system-mcp add_action Tool server.py _get_context_file_path path traversal
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...
Execution System MCP Server 路径遍历漏洞
The Execution System MCP Server is an AI-native execution system server developed by Brian Elinsky. Version 0.1.0 of the Execution System MCP Server contains a path traversal vulnerability. This vulnerability arises from the parameter context in the getcontextfilepath function of the addaction...
PT-2026-35832
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function get context file path of the file src/execution system mcp/server.py of the component add action Tool. This manipulation of the argument context causes path traversal. The attack can be initiated...
CVE-2025-40746
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V3.2. Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT...
CVE-2020-10138
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can...
CVE-2020-10139
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkinsagent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system...
CVE-2019-16663
An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution...
EUVD-2025-36711
Razer Synapse 3 Macro Module Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Razer Synapse 3. An attacker must first obtain the ability to execute low-privileged code on the target system in ord...
EUVD-2021-13122
Malware in sbrugna...
EUVD-2019-5078
Malware in sbrugna...
EUVD-2020-4187
Malware in sbrugna...
EUVD-2020-7271
Malware in sbrugna...
EUVD-2020-2515
Malware in sbrugna...
EUVD-2024-3009
Malicious code in bioql PyPI...