excel-mcp-server 路径遍历漏洞

excel-mcp-server is an Excel file operation server developed by Haris, a personal developer. It supports the creation, reading, and modification of workbooks. Versions of excel-mcp-server prior to 0.1.7 have a path traversal vulnerability. This vulnerability stems from the getexcelpath function n...

CVE-2026-22612 Fickling vulnerable to detection bypass due to "builtins" blindness

Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7...