12 matches found
CVE-2026-7212
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
GHSA-VC5J-42HH-J3MR notes-mcp has a Path Traversal issue
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
notes-mcp has a Path Traversal issue
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
Directory Traversal
Overview notes-mcp is a MCP for managing markdown notes with YAML frontmatter Affected versions of this package are vulnerable to Directory Traversal via the rootdir or path arguments in the notesmcp.py process. An attacker can access or modify files outside the intended directory by supplying...
CVE-2026-7212
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
CVE-2026-7212 edvardlindelof notes-mcp notes_mcp.py path traversal
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
CVE-2026-7212 edvardlindelof notes-mcp notes_mcp.py path traversal
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
EUVD-2026-25965
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
CVE-2026-7212
CVE-2026-7212 affects the edvardlindelof notes-mcp project up to version 0.1.4, specifically via an issue in the notes_mcp.py file where manipulation of the arguments root_dir or path enables a path traversal vulnerability. The vulnerability is exploitable remotely and, according to the provided ...
CVE-2026-7212
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notesmcp.py. The manipulation of the argument rootdir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
PT-2026-35585
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes mcp.py. The manipulation of the argument root dir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed...
Notes MCP server 路径遍历漏洞
Notes MCP Server is a text content collaboration management tool developed by Edvard Lindelof. Versions of Notes MCP Server prior to 0.1.4 contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of parameters rootdir and path in the notesmcp.py file, which cou...