27 matches found
CVE-2026-7149
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
MAL-2026-3693 Malicious code in kaggle-runner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...
Malicious code in kaggle-runner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...
Directory Traversal
Overview kaggle-mcp is an A MCP server for kaggle apis Affected versions of this package are vulnerable to Directory Traversal via the preparekaggledataset function in src/kagglemcp/server.py when processing the competitionid argument. An attacker can access arbitrary files on the server by...
GHSA-Q882-JC55-6343 kaggle-mcp has a Path Traversal issue
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
kaggle-mcp has a Path Traversal issue
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
CVE-2026-7149
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
CVE-2026-7149
CVE-2026-7149 affects dexhunter kaggle-mcp: path traversal vulnerability in src/kaggle_mcp/server.py::prepare_kaggle_dataset caused by manipulating the competition_id. Attack is remote and publicly disclosed; no explicit affected version details can be given due to rolling-release policy. Project...
CVE-2026-7149 dexhunter kaggle-mcp server.py prepare_kaggle_dataset path traversal
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
CVE-2026-7149
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
EUVD-2026-25911
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
CVE-2026-7149 dexhunter kaggle-mcp server.py prepare_kaggle_dataset path traversal
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function preparekaggledataset of the file src/kagglemcp/server.py. The manipulation of the argument competitionid leads to path traversal. The attack is possible t...
kaggle-mcp MCP server 路径遍历漏洞
Kaggle-mcp MCP server is a MCP server tool developed by Dex’s individual developers for Kaggle APIs. The kaggle-mcp MCP server has a path traversal vulnerability. This vulnerability stems from improper handling of the competitionid parameter in the preparekaggledataset function located in the...
PT-2026-35516
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare kaggle dataset of the file src/kaggle mcp/server.py. The manipulation of the argument competition id leads to path traversal. The attack is possib...
EUVD-2024-47985
Malicious code in bioql PyPI...
Trojan Horse Hunt in Time Series Forecasting for Space Operations
This competition hosted on Kaggle https://www.kaggle.com/competitions/trojan-horse-hunt-in-space is the first part of a series of follow-up competitions and hackathons related to the "Assurance for Space Domain AI Applications" project funded by the European Space Agency...
Optimized Approaches to Malware Detection: a Study of Machine Learning and Deep Learning Techniques
Digital systems find it challenging to keep up with cybersecurity threats. The daily emergence of more than 560,000 new malware strains poses significant hazards to the digital ecosystem. The traditional malware detection methods fail to operate properly and yield high false positive rates with l...
Command Injection
deeplake is vulnerable to Command Injection. The vulnerability is due to a lack of input sanitization within the ingestkaggle API when ingesting a remote Kaggle dataset, allowing an attacker to execute arbitrary commands on the server...
CVE-2024-6507
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in the ingestkaggle API...
CVE-2024-6507
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in the ingestkaggle API...