Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
Analysis (AI)
Path traversal in dazeb cline-mcp-memory-bank exposes host filesystems to authenticated remote attackers via unsanitized user input in the handleInitializeMemoryBank function of src/index.ts. All versions up to and including commit 55c81b9cf6c16700983c84dc4cdea3cafa19a75f are affected, covering the entire release history of this rolling-release MCP memory tool. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires the attacker to hold at least low-privilege authenticated access to the MCP server instance, as confirmed by CVSS PR:L. … |
| Risk Assessment | The CVSS 4.0 base score of 2.1 is notably low, driven by PR:L (low privileges required), limited impact metrics (VC:L/VI:L/VA:L), and no subsequent system scope (SC:N/SI:N/SA:N). … |
| Exploit Scenario | An attacker with low-privilege access to the MCP server - such as a malicious MCP client or a compromised AI tool integration - calls `handleInitializeMemoryBank` with a crafted `projectPath` value such as `../../../../etc/ssh/authorized_keys`. Because the input is not sanitized, the server resolves the traversed path and performs read or write operations on the target file outside the project directory. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the project maintainer had not responded to the responsible disclosure as of the time this CVE was reported. … |
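
With no upstream patch available, operators running a fork can add a containment check on `projectPath` before any filesystem access. The following is an added example, not code from cline-mcp-memory-bank or from this advisory; `resolveProjectPath`, `allowedRoot` and the temporary directory layout in `demo` are assumptions made for illustration.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Hypothetical helper (not the project's code): resolve a client-supplied
// projectPath and refuse anything that lands outside allowedRoot.
function resolveProjectPath(allowedRoot: string, projectPath: string): string {
  if (typeof projectPath !== "string" || projectPath.length === 0 || projectPath.includes("\0")) {
    throw new Error("projectPath must be a non-empty string without NUL bytes");
  }
  const root = fs.realpathSync(allowedRoot);
  // path.resolve collapses "../" segments; an absolute projectPath replaces
  // the root entirely, which the relative-path check below rejects.
  const candidate = path.resolve(root, projectPath);
  // Canonicalise the deepest existing ancestor so a symlink inside the root cannot lead out.
  let existing = candidate;
  while (!fs.existsSync(existing)) existing = path.dirname(existing);
  const canonical = path.join(fs.realpathSync(existing), path.relative(existing, candidate));
  const rel = path.relative(root, canonical);
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error(`projectPath escapes allowed root: ${projectPath}`);
  }
  return canonical;
}

// Constructed demo: a temporary root, a sibling directory sharing its name prefix, and a symlink pointing out.
function demo(): Record<string, boolean> {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-root-"));
  const root = path.join(base, "projects");
  fs.mkdirSync(root);
  fs.mkdirSync(path.join(base, "projects-evil"));
  fs.symlinkSync(base, path.join(root, "link"));
  const inputs = ["my-app", "a/../b", "../../../../etc/ssh/authorized_keys", "../projects-evil", "/etc", "link/x"];
  const out: Record<string, boolean> = {};
  for (const p of inputs) {
    try { resolveProjectPath(root, p); out[p] = true; } catch { out[p] = false; }
  }
  fs.rmSync(base, { recursive: true, force: true });
  return out;
}

console.log(demo());
```

Comparing with `path.relative` rather than a string prefix is what rejects the `projects-evil` sibling, and the `realpathSync` step is what rejects the symlinked `link/x` case.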
EUVD-2026-31699
GHSA-2fh4-hw94-qg7r