Skip to main content

memory-bank-mcp EUVDEUVD-2026-43266

| CVE-2026-15524 LOW
Path Traversal (CWE-22)
2026-07-13 VulDB GHSA-xj39-q498-f3c8
1.9
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
1.9 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.3 LOW

Local vector and low-privilege requirement match description; confidentiality-only impact reflects read access beyond project boundary with no integrity or availability consequence.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Severity Changed
Jul 13, 2026 - 03:22 NVD
MEDIUM LOW
CVSS changed
Jul 13, 2026 - 03:22 NVD
4.8 (MEDIUM) 1.9 (LOW)
Analysis Generated
Jul 13, 2026 - 03:03 vuln.today
CVE Published
Jul 13, 2026 - 02:15 cve.org
MEDIUM 4.8

DescriptionCVE.org

A security vulnerability has been detected in alioshr memory-bank-mcp up to 0.2.1/3.1. This affects an unknown part of the file list-project-files-validation-factory.ts. Such manipulation of the argument projectName leads to path traversal. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Path traversal in alioshr memory-bank-mcp through versions 0.2.1 and 3.1 allows a local low-privileged user to read files outside the intended project directory boundary by supplying traversal sequences in the projectName argument processed by list-project-files-validation-factory.ts. A public proof-of-concept has been disclosed via GitHub issue #36, and no patch is available as the vendor has not yet responded to the coordinated disclosure. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-privilege OS account
Delivery
Invoke list-project-files MCP function
Exploit
Supply traversal payload as projectName argument
Execution
Server constructs out-of-bounds path
Impact
Read files accessible to MCP server process

Vulnerability AssessmentAI

Exploitation Local OS access with at least a low-privilege user account is required (AV:L/PR:L per CVSS 4.0 vector) - remote unauthenticated exploitation is not possible. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N) yields a score of 4.8 (Medium), accurately reflecting the limited real-world impact: local access is required, only a low-privilege OS account is needed, and impact is confined to partial confidentiality loss with no integrity or availability consequence. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user with a standard OS account on a host running memory-bank-mcp invokes the project file-listing functionality and supplies a crafted `projectName` value containing directory traversal sequences such as `../../etc/` as the argument. The server processes the unsanitized input, constructs an out-of-bounds path, and returns directory contents or file data from outside the intended project root accessible to the server process. …
Remediation No vendor-released patch has been identified at time of analysis; the maintainer had not responded to the coordinated disclosure as of the reporting date. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43266 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy