EUVD-2026-26723

A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function savedocument/exporttotext/exporttohtml of the file mcp-server/src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputpath results in path traversal. Remote exploitation of the...

CVE-2026-7599

A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function savedocument/exporttotext/exporttohtml of the file mcp-server/src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputpath results in path traversal. Remote exploitation of the...

PT-2026-36551

Name of the Vulnerable Software and Affected Versions Dayoooun hwpx-mcp version 0.2.0 Description A path traversal issue exists in the MCP Interface component within the file mcp-server/src/index.ts. Manipulation of the output path argument in the functions save document, export to text, and expo...

HWPX MCP Server 路径遍历漏洞

HWPX MCP Server is an enhanced version of the HWPX document editing MCP server by Kim dayoun individual developer. A path traversal vulnerability exists in HWPX MCP Server version 0.2.0, which stems from an improper operation of the savedocument/exporttotext/exporttohtml functions of the...