Skip to main content

mastergo-magic-mcp CVE-2026-15751

| EUVDEUVD-2026-44571 LOW
Path Traversal (CWE-22)
2026-07-14 cna@vuldb.com GHSA-2957-9wvx-x9f4
1.9
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
1.9 LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

Local-only invocation via MCP tool requires low privilege; traversal yields limited file read/write, no scope change or high-impact system compromise.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 14, 2026 - 23:36 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in mastergo-design mastergo-magic-mcp up to 0.2.0. The affected element is the function execute of the file mastergo/component-workflow.md of the component mcp__getComponentGenerator. The manipulation of the argument rootPath leads to path traversal. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Path traversal in mastergo-magic-mcp versions up to 0.2.0 allows local low-privileged attackers to read and write files outside the intended working directory by supplying manipulated path sequences via the rootPath argument of the mcp__getComponentGenerator component's execute function. A public proof-of-concept exploit has been disclosed (CVSS 4.0 E:P), and the vendor has not responded to the issue report, leaving no patch available at time of analysis. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain low-privilege local access to MCP host
Delivery
Invoke mcp__getComponentGenerator tool
Exploit
Supply ../traversal sequence in rootPath argument
Execution
execute function resolves unsanitized path
Impact
Read or write files outside component directory

Vulnerability AssessmentAI

Exploitation Exploitation requires local system access (AV:L) and the ability to invoke the `mcp__getComponentGenerator` MCP tool with a controlled `rootPath` argument, which requires at minimum low-privilege (PR:L) access - either as a local shell user, a process running under the same user context as the MCP server, or an AI agent client (e.g., Claude Desktop) that has this MCP server registered and active. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 1.9 (Very Low) reflects the constrained local attack vector (AV:L), low privilege requirement (PR:L), and uniformly low confidentiality, integrity, and availability impacts (VC:L/VI:L/VA:L) with no subsequent-system impact (SC:N/SI:N/SA:N). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user with low-privileged access on a developer workstation running mastergo-magic-mcp submits a crafted MCP tool call to `mcp__getComponentGenerator` with `rootPath` set to a traversal payload such as `../../../../etc/passwd`. The `execute` function passes the unsanitized value directly to a file resolution routine, returning the contents of the target file outside the intended component directory. …
Remediation No vendor-released patch has been identified at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15751 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy