CVE-2026-7400 in filesystem-mcp-serverinformação

Sumário

de MITRE • 29/04/2026

A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.1.0 is capable of addressing this issue. The name of the patch is 45364545fc60dc80aadcd4379f08042d3d3d292e. Upgrading the affected component is advised.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

29/04/2026

Moderação

aceite

Entrada

VDB-360123

CPE

pronto

CWE

CWE-22 (confirmado)

Exploração

Descarregar

CVSS

7.3 (VulDB)

EPSS

0.00073

KEV

não

Atividades

muito baixo

Sector

Finance, Police, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7400
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7400
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7400/

◂ Voltar Visão Geral Próximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!