CVE-2026-7404

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function deletesharedprompt of the file src/mcposimpleserver/services/promptmanager/basemanager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate t...

CVE-2026-7404

The CVE affects getsimpletool mcpo-simple-server up to 0.2.0. The vulnerability is in delete_shared_prompt (src/mcpo_simple_server/services/prompt_manager/base_manager.py), where manipulation of the detail argument enables relative path traversal. It can be exploited remotely, and a public exploi...

PT-2026-36006

Name of the Vulnerable Software and Affected Versions getsimpletool mcpo-simple-server versions prior to 0.2.1 Description A relative path traversal issue exists in the delete shared prompt function within the src/mcpo simple server/services/prompt manager/base manager.py file. This occurs due to...

MCPoSimpleServer 路径遍历漏洞

MCPoSimpleServer is a lightweight asynchronous LLM server based on the MCP protocol, developed as part of the GetSimpleTool open-source project. Versions of MCPoSimpleServer 0.2.0 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the detail operation in the...