Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.7 views

CVE-2026-7811

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS6.6AI score0.00418EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 6:31 a.m.9 views

EUVD-2026-27215

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS5.4AI score0.00418EPSS
Exploits0References6
NVD
NVD
added 2026/05/05 5:16 a.m.13 views

CVE-2026-7811

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS0.00418EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/05 4:0 a.m.35 views

CVE-2026-7811 54yyyu code-mcp MCP File server.py is_safe_path path traversal

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS0.00418EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/05 4:0 a.m.11 views

CVE-2026-7811 54yyyu code-mcp MCP File server.py is_safe_path path traversal

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS6.6AI score0.00418EPSS
Exploits0References5
CVE
CVE
added 2026/05/05 4:0 a.m.12 views

CVE-2026-7811

Summary (CVE-2026-7811): A path traversal vulnerability affects 54yyyu code-mcp up to commit 4cfc4643541a110c906d93635b391bf7e357f4a8 in the MCP File Handler component. The is_safe_path function in src/code_mcp/server.py is implicated. Exploitation can be performed remotely. Public disclosure exi...

7.5CVSS6.6AI score0.00418EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.8 views

PT-2026-36972

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is safe path of the file src/code mcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS6.6AI score0.00418EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/28 3:15 a.m.3 views

CVE-2026-7220

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastlycli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiate...

7.5CVSS5.3AI score0.01338EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 2:16 a.m.6 views

CVE-2026-7212

A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...

7.5CVSS0.0041EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.6 views

PT-2026-35829

A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider mcp.py of the component code with ai. The manipulation of the argument working dir/editable files leads to command injection. The attack may ...

7.5CVSS7AI score0.01334EPSS
Exploits0References6
NVD
NVD
added 2025/11/05 12:15 a.m.4 views

CVE-2025-64109

Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP Model Context Protocol server mechanism by uploading a malicious MCP configuration in .cursor/mcp.json file in ...

8.8CVSS0.00471EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1669

Malware in sbrugna...

9.3CVSS6.4AI score0.04902EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-23405

Malicious code in bioql PyPI...

8.8CVSS6.7AI score0.07598EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/06/27 12:0 a.m.6 views

Roo Code 命令注入漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. A command injection vulnerability exists in Roo Code versions prior to 3.20.3, which stems from a .roo/mcp.json file configuration that allows the execution of arbitrary commands, which could lead to arbitrary command execution...

8.1CVSS7.7AI score0.00571EPSS
Exploits0References3
Prion
Prion
added 2009/05/18 6:30 p.m.12 views

Stack overflow

Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a TOOLSETTINGS section in a .mcp file, possibly a related issue to CVE-2009-1608...

9.3CVSS8.5AI score0.11191EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder