Lucene search
K

7 matches found

Snyk
Snyk
added 2026/05/01 11:30 p.m.14 views

Directory Traversal

Overview mcp-game-asset-gen is a MCP server for asset generation - image, video, audio, and 3D APIs for game development Affected versions of this package are vulnerable to Directory Traversal via the imageto3dasync function when processing the statusFile argument. An attacker can access or modif...

7.5CVSS7.5AI score0.00418EPSS
Exploits0References2
NVD
NVD
added 2026/05/01 9:16 p.m.4 views

CVE-2026-7594

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS0.00418EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/01 8:30 p.m.30 views

CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS0.00418EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 8:30 p.m.5 views

CVE-2026-7594

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS6.8AI score0.00418EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/01 8:30 p.m.4 views

CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal

A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...

7.5CVSS6.8AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

MCP Asset Generation Server 路径遍历漏洞

MCP Asset Generation Server is a multi-type asset generation server for game development by the individual developer Suyog Sonwalkar. A path traversal vulnerability exists in MCP Asset Generation Server version 0.1.0, which stems from improper manipulation of the parameter statusFile in the...

7.5CVSS7AI score0.00418EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.9 views

PT-2026-36546

Name of the Vulnerable Software and Affected Versions Flux159 mcp-game-asset-gen version 0.1.0 Description A path traversal issue exists in the MCP Interface component within the image to 3d async function of the src/index.ts file. This flaw allows remote attackers to perform path traversal by...

7.5CVSS7.1AI score0.00418EPSS
Exploits0References9
Rows per page
Query Builder