Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2025/10/03 10:37 p.m.12 views

CVE-2025-61685

The CVE concerns Mastra (Typescript framework) with vulnerable versions 0.13.8–0.13.20-alpha.0, where a Directory Traversal flaw affects the MCP server package @mastra/mcp-docs-server. The issue stems from bypassable path-traversal checks in readMdxContent combined with a flawed execute path that...

6.5CVSS6.4AI score0.00535EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/03 10:37 p.m.7 views

CVE-2025-61685 Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure

Mastra is a Typescript framework for building AI agents and assistants. Versions 0.13.8 through 0.13.20-alpha.0 are vulnerable to a Directory Traversal attack that results in the disclosure of directory listings. The code contains a security check to prevent path traversal for reading file...

6.5CVSS0.00535EPSS
Exploits0References2
OSV
OSVadded 2025/09/24 8:5 p.m.3 views

GHSA-XH92-RQRQ-227V Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure

The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...

6.5CVSS7.2AI score0.00535EPSS
Exploits0References4
Rows per page
Query Builder