Skip to main content

markdownify-mcp EUVDEUVD-2026-41724

| CVE-2026-14699 MEDIUM
UNIX Symbolic Link (Symlink) Following (CWE-61)
2026-07-05 VulDB GHSA-mf9r-r6pc-8fc6
4.8
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
4.8 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.3 LOW

Local symlink exploitation requires low-privilege filesystem access; only limited confidentiality impact via path bypass, no integrity or availability effects apply.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 05, 2026 - 04:54 vuln.today

DescriptionCVE.org

A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.

AnalysisAI

Symlink following in zcaceres markdownify-mcp up to version 1.1.0 allows a local low-privilege user to read files outside the intended directory boundary by exploiting insufficient path resolution in the assertPathAllowed function of src/Markdownify.ts. The function evaluates the user-supplied symbolic path rather than its canonicalized target, enabling an attacker to bypass the path restriction check and disclose arbitrary local files. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local low-privilege shell access
Delivery
Create symlink in markdownify-mcp allowed directory pointing to sensitive target
Exploit
Submit symlink path via MCP request interface
Execution
assertPathAllowed validates symbolic path, bypass succeeds
Impact
Sensitive file contents returned by server

Vulnerability AssessmentAI

Exploitation Exploitation requires local system access with low-privilege credentials sufficient to create symlinks in a directory accessible to the markdownify-mcp process (PR:L per the CVSS 4.0 vector AV:L/PR:L). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 4.8 with vector AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N accurately characterizes this as a local, low-complexity, low-privilege information disclosure with no integrity or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user with low-privilege access creates a symlink inside a directory that markdownify-mcp permits - for example, placing `link.txt -> /etc/passwd` within the allowed working directory. When the user passes the symlink path to markdownify-mcp, `assertPathAllowed` validates the symlink path itself (which resides in the allowed directory) rather than the resolved target, allowing the check to pass. …
Remediation A fix is available as GitHub pull request #109 (https://github.com/zcaceres/markdownify-mcp/pull/109), which awaits maintainer acceptance - no tagged patched release has been confirmed at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41724 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy