Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local-only attack requiring low privileges to supply projectPath; write-capable traversal yields limited file read/write/overwrite with no scope change.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A security flaw has been discovered in tugcantopaloglu godot-mcp 2.0.0. Affected by this vulnerability is the function validatePath of the file build/index.js of the component run_project. The manipulation of the argument projectPath results in path traversal. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. Upgrading to version 3.0.0 addresses this issue. The patch is identified as eb63add552aa4bd9205395cf91b40654654a3cf2. It is suggested to upgrade the affected component.
AnalysisAI
Path traversal in tugcantopaloglu godot-mcp 2.0.0 allows a local low-privileged user to escape the intended project directory by manipulating the projectPath argument passed to the validatePath function within the run_project component. A public proof-of-concept has been disclosed via GitHub issue #9, raising practical exploitability above the raw CVSS score of 4.8 would suggest. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access to the host system running godot-mcp 2.0.0 and at minimum low-privilege user rights sufficient to invoke the run_project component and supply a crafted projectPath argument to validatePath - consistent with CVSS PR:L. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base vector (AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N) scores 4.8, reflecting a medium-severity local flaw. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local user with low-privilege access to a developer workstation or CI system running godot-mcp 2.0.0 invokes the run_project functionality and supplies a crafted projectPath argument containing directory traversal sequences (e.g., ../../../../etc/passwd or ../../../../home/user/.ssh/id_rsa). The validatePath function fails to canonicalize the input, allowing the attacker to read sensitive files outside the Godot project directory or overwrite files to which the process has write access. … |
| Remediation | Upgrade godot-mcp to version 3.0.0, which resolves the path traversal via commit eb63add552aa4bd9205395cf91b40654654a3cf2 (https://github.com/tugcantopaloglu/godot-mcp/commit/eb63add552aa4bd9205395cf91b40654654a3cf2); the patched release is available at https://github.com/tugcantopaloglu/godot-mcp/releases/tag/v3.0.0. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43264
GHSA-9cqv-qvmj-xrc4