Mysti
Monthly
Information disclosure in DeepMyst Mysti's Per-Project Auto-Memory Handler allows low-privileged remote attackers to expose resources by supplying a manipulated workspacePath argument to the initProjectMemory function in src/managers/MemoryManager.ts. EUVD-2026-41610 confirms versions 0.1 through 0.4.0 are affected. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis; the CVSS 4.0 score of 5.3 reflects a limited, confidentiality-only impact with no integrity or availability consequences.
Information disclosure in DeepMyst Mysti's Per-Project Auto-Memory Handler allows low-privileged remote attackers to expose resources by supplying a manipulated workspacePath argument to the initProjectMemory function in src/managers/MemoryManager.ts. EUVD-2026-41610 confirms versions 0.1 through 0.4.0 are affected. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis; the CVSS 4.0 score of 5.3 reflects a limited, confidentiality-only impact with no integrity or availability consequences.