Skip to main content

Zmcptools

1 CVEs product

Monthly

CVE-2026-7445 LOW POC Monitor

Path traversal in ZMCPTools up to version 0.2.2 allows authenticated remote attackers to read or manipulate files outside intended directories via the dirname argument in the MCP Log Resource Handler component. The vulnerability is exploitable over the network by authenticated users with low privileges, has publicly available exploit code, and carries a CVSS score of 2.1 reflecting low confidentiality and integrity impact with no scope expansion.

Path Traversal Zmcptools
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.1%
EPSS 0% CVSS 2.1
LOW POC Monitor

Path traversal in ZMCPTools up to version 0.2.2 allows authenticated remote attackers to read or manipulate files outside intended directories via the dirname argument in the MCP Log Resource Handler component. The vulnerability is exploitable over the network by authenticated users with low privileges, has publicly available exploit code, and carries a CVSS score of 2.1 reflecting low confidentiality and integrity impact with no scope expansion.

Path Traversal Zmcptools
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy