9 matches found
CVE-2026-7403
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
CVE-2026-7403
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
CVE-2026-7403
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
CVE-2026-7403 geldata gel-mcp server.py fetch_rule path traversal
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
CVE-2026-7403
CVE-2026-7403 affects geldata gel-mcp 0.1.0. The vulnerability is in src/gel_mcp/server.py, function list_rules/fetch_rule, where manipulating the argument rule_name enables path traversal. This could be exploited remotely; the exploit is publicly available. The project was informed of the issue ...
EUVD-2026-26287
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
CVE-2026-7403 geldata gel-mcp server.py fetch_rule path traversal
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...
PT-2026-36005
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list rules/fetch rule of the file src/gel mcp/server.py. The manipulation of the argument rule name results in path traversal. The attack may be performed from remote. The exploit has been released to the publ...
Gel MCP server 路径遍历漏洞
The Gel MCP server is a MCP server tool developed by Gel for the Gel open-source database. Version 0.1.0 of the Gel MCP server contains a path traversal vulnerability. This vulnerability stems from improper handling of the parameter rulename in the listrules/fetchrule function located in the file...