7 matches found
Directory Traversal
Overview mcp-game-asset-gen is a MCP server for asset generation - image, video, audio, and 3D APIs for game development Affected versions of this package are vulnerable to Directory Traversal via the imageto3dasync function when processing the statusFile argument. An attacker can access or modif...
CVE-2026-7594
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...
CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...
CVE-2026-7594
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...
CVE-2026-7594 Flux159 mcp-game-asset-gen MCP index.ts image_to_3d_async path traversal
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function imageto3dasync of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The exploit is now public...
MCP Asset Generation Server 路径遍历漏洞
MCP Asset Generation Server is a multi-type asset generation server for game development by the individual developer Suyog Sonwalkar. A path traversal vulnerability exists in MCP Asset Generation Server version 0.1.0, which stems from improper manipulation of the parameter statusFile in the...
PT-2026-36546
Name of the Vulnerable Software and Affected Versions Flux159 mcp-game-asset-gen version 0.1.0 Description A path traversal issue exists in the MCP Interface component within the image to 3d async function of the src/index.ts file. This flaw allows remote attackers to perform path traversal by...