Skip to main content

Mcp Server Arangodb

1 CVEs product

Monthly

CVE-2026-7715 LOW POC Monitor

Path traversal in ravenwits mcp-server-arangodb up to version 0.4.7 allows authenticated remote attackers to manipulate the outputDir argument in the arango_backup function, enabling unauthorized file system access with limited confidentiality and integrity impact. The vulnerability affects the MCP Interface component and has publicly available exploit code; however, the low CVSS score (2.1) reflects constrained real-world risk due to the requirement for authenticated access and limited technical impact scope.

Path Traversal Mcp Server Arangodb
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.1%
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in ravenwits mcp-server-arangodb up to version 0.4.7 allows authenticated remote attackers to manipulate the outputDir argument in the arango_backup function, enabling unauthorized file system access with limited confidentiality and integrity impact. The vulnerability affects the MCP Interface component and has publicly available exploit code; however, the low CVSS score (2.1) reflects constrained real-world risk due to the requirement for authenticated access and limited technical impact scope.

Path Traversal Mcp Server Arangodb
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy