Ccccccctfi

**Nome do Software Vulnerável e Versões Afetadas** horizon921 mcpilot versão 0.1.0 **Description** Uma falsificação de solicitação do lado do servidor (SSRF) existe no MCP API Call Endpoint dentro do arquivo `client/src/app/api/mcp/call/route.ts`. Este problema permite que um invasor remoto manipule o argumento `serverBaseUrl` para disparar solicitações não autorizadas a partir do servidor. **Recommendations** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

A vulnerability was determined in ishayoyo excel-mcp up to 1.0.2. Impacted is an unknown function of the file src/index.ts of the component read file/write file. Executing a manipulation of the argument filePath/outputPath can lead to path traversal. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an unknown function of the file src/wezterm executor.ts of the component switch pane/write to specific pane. The manipulation of the argument request.params.arguments.pane id leads to os command injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects the function jobPath of the file src/index.ts of the component get build status/get build log/trigger build. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 89c091ecf8b9f9c7291d1af0b1966e271f86551c. It is suggested to install a patch to address this issue.

**Nome do Software Vulnerável e Versões Afetadas** huangjunsen0406 xiaozhi-mcphub versões anteriores a 1.0.4 **Descrição** Um problema de path traversal existe no arquivo `src/controllers/dxtController.ts`. Um invasor remoto pode explorar isso manipulando o argumento `manifest.name`, permitindo o acesso não autorizado a arquivos ou diretórios fora da pasta pretendida. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

**Nome do Software Vulnerável e Versões Afetadas** gyoridavid short-video-maker versões anteriores a 1.3.5 **Descrição** Uma falha de path traversal existe no componente REST API dentro do arquivo `src/server/routers/rest.ts`. Um invasor remoto pode explorar isso manipulando o argumento `req.params.tmpFile`, permitindo o acesso não autorizado a arquivos ou diretórios fora da pasta pretendida. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.