{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7213", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-27T15:06:41.997Z", "datePublished": "2026-04-28T01:30:26.926Z", "dateUpdated": "2026-04-29T14:06:04.600Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-28T01:30:26.926Z"}, "title": "ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "ef10007", "product": "MLOps_MCP", "versions": [{"version": "1.0.0", "status": "affected"}], "modules": ["save_file Tool"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-27T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-27T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-27T17:12:10.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "SmallW (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/359809", "name": "VDB-359809 | ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359809/cti", "name": "VDB-359809 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/802085", "name": "Submit #802085 | ef10007 MLOps_MCP 1.0.0 Path Traversal", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ef10007/MLOps_MCP/issues/1", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/ef10007/MLOps_MCP/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-29T14:04:32.026559Z", "id": "CVE-2026-7213", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T14:06:04.600Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-7213", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-29T14:04:32.026559Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T14:05:43.264Z"}}], "cna": {"title": "ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal", "credits": [{"lang": "en", "type": "reporter", "value": "SmallW (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "ef10007", "modules": ["save_file Tool"], "product": "MLOps_MCP", "versions": [{"status": "affected", "version": "1.0.0"}]}], "timeline": [{"lang": "en", "time": "2026-04-27T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-27T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-27T17:12:10.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/359809", "name": "VDB-359809 | ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359809/cti", "name": "VDB-359809 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/802085", "name": "Submit #802085 | ef10007 MLOps_MCP 1.0.0 Path Traversal", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ef10007/MLOps_MCP/issues/1", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/ef10007/MLOps_MCP/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "Path Traversal"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-28T01:30:26.926Z"}}}, "cveMetadata": {"cveId": "CVE-2026-7213", "state": "PUBLISHED", "dateUpdated": "2026-04-29T14:06:04.600Z", "dateReserved": "2026-04-27T15:06:41.997Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-28T01:30:26.926Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-7213", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-28T02:16:08.780", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/ef10007/MLOps_MCP/"}, {"source": "cna@vuldb.com", "url": "https://github.com/ef10007/MLOps_MCP/issues/1"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/802085"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359809"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359809/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.0.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "MLOps_MCP", "source": "cna", "vendor": "ef10007"}, "product": "mlops_mcp", "vendor": "ef10007"}], "analysis": {"en": {"generated_at": "2026-04-28T23:23:31.985902+00:00", "value": {"mitigation_remediation": ["Update MLOps_MCP to the latest released version once a patch addressing the path traversal issue is made available.", "Validate and sanitize the filename and destination parameters in the save_file tool to reject sequences such as \"..\" or absolute paths before passing them to the filesystem.", "Restrict file system permissions for the user running fastmcp_server.py so that it can only access the intended subdirectory and cannot write to the broader system.", "If the file upload functionality is not required, disable or remove the save_file endpoint to eliminate the attack surface."], "summary": {"action": "Patch", "impact": "Path Traversal"}, "threat_synthesis": {"affected_systems": "The affected product is ef10007 MLOps_MCP version 1.0.0. The exploit targets the fastmcp_server.py component, specifically the save_file function. No other versions or components were reported as affected, and the vendor has not released a fixed version yet.", "description_and_impact": "The vulnerability resides in the save_file tool of ef10007 MLOps_MCP version 1.0.0. An attacker can supply a crafted filename or destination argument that includes path traversal sequences, causing the fastmcp_server.py routine to write or read files outside the intended directory. This allows remote users to access or modify arbitrary files on the host, potentially exposing sensitive data or enabling further compromise. The weakness is a classic path traversal flaw (CWE-22) and is rated as moderate severity with a CVSS score of 6.9.", "risk_and_exploitability": "The CVSS score of 6.9 reflects a moderate risk, and the EPSS score of < 1% indicates a low probability of widespread exploitation. Since the vulnerability is publicly disclosed and can be triggered remotely, the potential for attackers to read or overwrite sensitive files exists. The absence from the KEV catalog means it is not yet listed as widely exploited, but the remote nature and lack of patch emphasize the importance of timely mitigation."}}}}, "created": "2026-04-28T09:16:32.889035+00:00", "updated": "2026-04-28T23:30:06.117026+00:00", "vendors": ["ef10007", "ef10007$PRODUCT$mlops_mcp"]}