Skip to main content

mcp-rtfm EUVDEUVD-2026-26882

| CVE-2026-7728 LOW
Path Traversal (CWE-22)
2026-05-04 VulDB
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

9
PoC Detected
May 04, 2026 - 15:18 vuln.today
Public exploit code
Severity Changed
May 04, 2026 - 05:22 NVD
MEDIUM LOW
CVSS changed
May 04, 2026 - 05:22 NVD
6.3 (MEDIUM) 2.1 (LOW)
Source Code Evidence Fetched
May 04, 2026 - 05:00 vuln.today
Analysis Generated
May 04, 2026 - 05:00 vuln.today
EUVD ID Assigned
May 04, 2026 - 04:30 euvd
EUVD-2026-26882
Analysis Generated
May 04, 2026 - 04:30 vuln.today
Patch released
May 04, 2026 - 04:30 nvd
Patch available
CVE Published
May 04, 2026 - 03:30 nvd
LOW 2.1

DescriptionCVE.org

A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argument docFile leads to path traversal. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e6f0686fc36012f78236e7fed172c81444904b0b. It is best practice to apply a patch to resolve this issue.

AnalysisAI

Path traversal in ryanjoachim mcp-rtfm 0.1.0 allows authenticated remote attackers to read, write, and delete arbitrary files by manipulating the docFile parameter in the get_doc_content, read_doc, update_doc, and related MCP interface functions. Publicly available exploit code exists, and the vulnerability affects all versions of the product without a patched release identifier provided. An authenticated user can exploit this with no user interaction required via network access to escape the intended .handoff_docs directory and access files outside the designated documentation scope.

Technical ContextAI

The mcp-rtfm project is a Model Context Protocol (MCP) server that provides tools for reading and updating documentation files. The vulnerability exists in the doc-handlers.ts, refresh-handlers.ts, and search-handlers.ts modules, where user-supplied docFile parameters were concatenated directly into file paths without validation. This is a classic path traversal flaw (CWE-22) where attackers can inject sequences like '../' or '..' to navigate parent directories. The patch introduces a validateDocFile function that enforces strict input validation: rejecting forward and backward slashes, blocking '..' sequences, and using path.resolve() to compute absolute paths and verify they remain within the intended .handoff_docs directory before file operations. The vulnerability affects the entire CPE range cpe:2.3:a:ryanjoachim:mcp-rtfm:*:*:*:*:*:*:*:* indicating all versions are susceptible until patched.

RemediationAI

Apply the upstream patch immediately by upgrading to the first mcp-rtfm release that includes commit e6f0686fc36012f78236e7fed172c81444904b0b or later. The patch adds validateDocFile validation that rejects path separators, '..' sequences, and verifies file paths remain within the .handoff_docs directory. Until patching is complete, restrict network access to the mcp-rtfm MCP server to only trusted internal users and disable or restrict the get_doc_content, read_doc, update_doc, refresh_documentation, and get_related_docs functions if they are not in active use. Monitor file access logs for the .handoff_docs directory and parent directories for unexpected read/write patterns. After patching, test that legitimate documentation file operations still function correctly and that traversal attempts (e.g., requests with '../' or '..\' in docFile) are now rejected with an InvalidParams error.

Share

EUVD-2026-26882 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy