@puchunjie/doc-tools-mcp has a Path Traversal Issue

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

Directory Traversal

Overview @puchunjie/doc-tools-mcp is a Word 文档处理 MCP 服务器 - 基于 TypeScript 的文档处理工具 Affected versions of this package are vulnerable to Directory Traversal via the createdocument or opendocument functions in the MCP Interface component when processing the filePath argument. An attacker can access or...

CVE-2026-7738

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

CVE-2026-7738

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

CVE-2026-7738 puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function createdocument/opendocument of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The...

Word Tools MCP Server 路径遍历漏洞

Word Tools MCP Server is an AI-driven word document manipulation tool developed by Jeremy Pu. Version 1.0.18 of Word Tools MCP Server contains a path traversal vulnerability. This vulnerability stems from the createdocument/opendocument function in the MCP Interface component, where the filePath...

Ollama 缓冲区错误漏洞

Ollama is an open source large language model deployment and inference tool, mainly providing model loading, quantization and API interface services. The Ollama GGUF model loader suffers from a heap out-of-bounds read vulnerability that stems from the /api/create interface failing to properly...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on ‘actiondata.varrefidx’ When generating a synthetic event with many parameters and then creating a trace action for it 1, a kernel panic occurred 2. This issue arises because in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Do not use BUGON in hfspluscreateattributesfile. When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplusfillsuper assumes that the attributes file has not yet been...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Handle errors from amdgpucgscreatedevice in amdpowerplaycreate. Add error handling to propagate the failures of amdgpucgscreatedevice to the caller. When amdgpucgscreatedevice fails, release hwmgr and return -ENOMEM t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: eir: Fixed possible crashes when using eircreateadvdata. eircreateadvdata may attempt to add EIRFLAGS and EIRTXPOWER without checking whether those values are compatible with the structure...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A overflow issue was fixed in the bitmapipcreate function before the bitmap was widened. When firstip is 0, lastip is 0xFFFFFFFF, and the netmask is 31, the value of an arithmetic expression 2 netmask - maskbits...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent a jump to NULL for the addsidecar callback In the createsdwdailink function, it is checked that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: afcan: Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a general protection fault in runismappedfull. ntfscreate inode: Fixed the deletion of a non-resident attribute...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed an issue where a use-after-free occurred after failing to create a snapshot. In ioctl.c’s createsnapshot function, we allocate a pending snapshot structure and then attach it to the transaction’s list of pending...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: XArray: Fixed the issue with xascreaterange when a multi-index entry is present. If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a...

SUSE CVE-2026-31701

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

CVE-2026-7589

A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function createcsvexport of the file services/csv-export-service/app/api/v1/endpoints/csvexport.py of the component CSV Export. This manipulation of the argument...

EUVD-2026-26706

A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function createcsvexport of the file services/csv-export-service/app/api/v1/endpoints/csvexport.py of the component CSV Export. This manipulation of the argument...