Severity by source
Primary rating from NVD · only source for this CVE.
CVSS Vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
A vulnerability was identified in debugmcp mcp-debugger up to version 0.20.0. The affected function is handleGetSourceContext in the file src/server.ts. The manipulation leads to path traversal. The attack can be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis (AI)
Path traversal in debugmcp mcp-debugger through version 0.20.0 enables authenticated remote attackers with low-privilege access to read arbitrary files outside the intended directory via the handleGetSourceContext function in src/server.ts. Impact is restricted to limited confidentiality exposure on the vulnerable system (CVSS VC:L) with no integrity or availability consequence, yielding a CVSS 4.0 score of 2.1. …
Attack Chain (AI-derived): hypothetical attack flow derived from CVE metadata.
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires that the attacker hold a low-privilege authenticated session against the mcp-debugger server, as the CVSS 4.0 PR:L vector component confirms; fully unauthenticated attackers are excluded. … |
| Risk Assessment | The CVSS 4.0 score of 2.1 is genuinely low and reflects the constrained impact profile: network-accessible (AV:N) with low complexity (AC:L), but gated behind low-privilege authentication (PR:L) and delivering only limited, read-only confidentiality exposure (VC:L), with no integrity or availability impact on either the vulnerable or subsequent systems. … |
| Exploit Scenario | A low-privilege authenticated user sends a crafted MCP request to the mcp-debugger server targeting the `handleGetSourceContext` endpoint, supplying a path parameter containing directory traversal sequences (e.g., `../../etc/passwd` or equivalent) to escape the intended source directory and read sensitive files accessible to the server process. A public proof of concept demonstrating this technique is referenced on GitHub at https://github.com/hyk6225/public_exp/issues/1, lowering the skill barrier for exploitation. … |
| Remediation | No vendor-released patch had been identified at the time of analysis; the vendor did not respond to responsible disclosure, so no fixed version can be cited. … |
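As an added example (not mcp-debugger's own code), the containment check that a source-file handler of this kind needs, written in TypeScript since the affected file is src/server.ts. The `sourceRoot` argument, the function names and the request shape are assumptions; the unsafe variant shows the join-without-check pattern the advisory describes.

```typescript
import * as path from "path";

// Hardened resolver: maps a client-supplied relative path onto an absolute
// path under sourceRoot, or returns null when the request would escape it.
// sourceRoot and the function name are assumptions for this illustration.
export function resolveSourcePath(sourceRoot: string, requested: string): string | null {
  // Normalise the root and append a separator so the prefix test cannot be
  // fooled by a sibling directory such as /srv/src-other next to /srv/src.
  const root = path.resolve(sourceRoot) + path.sep;

  // An absolute request would make path.resolve ignore the root entirely.
  if (path.isAbsolute(requested)) return null;

  // NUL bytes can truncate the path once it reaches native file APIs.
  if (requested.includes("\0")) return null;

  // path.resolve collapses any "." and ".." segments lexically; the prefix
  // check then decides whether the result is still inside the root.
  const resolved = path.resolve(root, requested);
  if (!resolved.startsWith(root)) return null;

  // Caveat: this is a lexical check only. A symlink inside the root that
  // points outside it is not caught here; resolve with fs.realpath and
  // repeat the prefix test when symlinks inside the tree are possible.
  return resolved;
}

// The unsafe pattern: path.join normalises "../" segments but never asks
// whether the result is still under sourceRoot, so traversal succeeds.
export function resolveSourcePathUnsafe(sourceRoot: string, requested: string): string {
  return path.join(sourceRoot, requested);
}
```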
External POC / Exploit Code: https://github.com/hyk6225/public_exp/issues/1
Related identifiers: EUVD-2026-31697, GHSA-8744-whr8-7m8p