Brucejin

**Name of the Vulnerable Software and Affected Versions** Deepractice PromptX versions prior to 2.4.0 **Description** An absolute path traversal issue exists in the Document File Handler component within the file `packages/mcp-office/src/index.ts`. The flaw occurs when the `path` argument is manipulated in the `read docx()`, `read xlsx()`, `read pptx()`, `list xlsx sheets()`, or `read pdf()` functions, allowing for remote execution of the attack. **Recommendations** As a temporary workaround, restrict access to the `read docx()`, `read xlsx()`, `read pptx()`, `list xlsx sheets()`, and `read pdf()` functions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** matlab-mcp-server versions prior to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca **Description** A path traversal flaw exists in the MCP Interface component, specifically within the `execute matlab code()` function of the `generate matlab code` process located in the `src/index.ts` file. A remote attacker can exploit this by manipulating the `scriptPath` argument, allowing unauthorized access to files or directories outside the intended folder. **Recommendations** Update to a version later than ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. As a temporary workaround, restrict or validate the input provided to the `scriptPath` argument in the `execute matlab code()` function to prevent path traversal.

**Name of the Vulnerable Software and Affected Versions** DV0x creative-ad-agent versions prior to 3d255865a957f3740b8724dd914502c0f44d4970 **Description** A path traversal issue exists in the `creative-ad-agent-server` component within the `server/sdk-server.ts` file. Manipulation of the `req.params` argument allows for remote exploitation. **Recommendations** Apply patch 3d255865a957f3740b8724dd914502c0f44d4970.

**Name of the Vulnerable Software and Affected Versions** AgiFlow scaffold-mcp versions prior to 1.1.0 **Description** A path traversal issue exists in the `write-to-file` Tool within the `packages/scaffold-mcp/src/server/index.ts` file. A remote attacker can exploit this by manipulating the `file path` argument, allowing unauthorized access to or modification of files outside the intended directory. **Recommendations** Upgrade to version 1.1.0.

**Name of the Vulnerable Software and Affected Versions** ErlichLiu claude-agent-sdk-master versions up to b185aa7ff0d864581257008077b4010fca1747bf **Description** A path traversal issue exists in the 'app/api/agent-output/route.ts' file. A remote attacker can exploit this by manipulating the `outputFile` argument, allowing unauthorized access to files or directories outside the intended folder. **Recommendations** As a temporary workaround, restrict access to the 'app/api/agent-output/route.ts' endpoint or avoid using the `outputFile` argument until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BrowserOperator browser-operator-core versions prior to 0.6.1 **Description** A path traversal issue exists in the `startsWith()` function within the `scripts/component server/server.js` file. A remote attacker can exploit this by manipulating the `request.url` variable, potentially allowing unauthorized access to files or directories outside the intended folder. **Recommendations** As a temporary workaround, restrict access to the `startsWith()` function in the `scripts/component server/server.js` file or avoid using the `request.url` variable in the affected component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BigSweetPotatoStudio HyperChat versions prior to 2.0.0-alpha.64 **Description** A server-side request forgery (SSRF) issue exists in the AI Proxy Middleware component. The `fetch()` function within the `packages/core/src/http/aiProxyMiddleware.mts` file does not properly handle the `baseurl` variable, allowing a remote attacker to manipulate it to trigger unauthorized requests from the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the AI Proxy Middleware component or avoid using the `baseurl` parameter in the affected function.

**Name of the Vulnerable Software and Affected Versions** TencentCloudBase CloudBase-MCP versions prior to 2.17.1 **Description** Remote manipulation of the `req.body.url` variable within the `openUrl()` function of the `mcp/src/interactive-server.ts` file in the open-url component allows for server-side request forgery (SSRF). SSRF is a flaw that allows an attacker to induce the server-side application to make requests to an unintended location. **Recommendations** Upgrade to version 2.17.1. As a temporary workaround, restrict access to the `openUrl()` function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** ShadowCloneLabs GlutamateMCPServers versions up to e2de73280b01e5d943593dd1aa2c01c5b9112f78 **Description** A remote server-side request forgery (SSRF) exists in the `puppeteer navigate` component within the file `src/puppeteer/index.ts`. This issue occurs when the `url` argument is manipulated, allowing an attacker to induce the server to make unintended requests. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions atototo api-lab-mcp versions up to 0.2.1 Description A weakness exists in the HTTP Interface component of atototo api-lab-mcp. Manipulation of the `source/url` argument within the `analyze api spec/generate test scenarios/test http endpoint` function in the `src/mcp/http-server.ts` file can lead to server-side request forgery (SSRF). This issue is remotely exploitable. Recommendations Versions prior to 0.2.1 are recommended.

Name of the Vulnerable Software and Affected Versions Agions taskflow-ai versions through 2.1.8 Description A security flaw exists in Agions taskflow-ai up to version 2.1.8. The issue impacts an unknown function within the `src/mcp/server/handlers.ts` file of the `terminal execute` component, leading to OS command injection. The attack can be carried out remotely. Recommendations Upgrade to version 2.1.9 to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** bigsk1 openai-realtime-ui versions up to 188ccde27fdf3d8fab8da81f3893468f53b2797c **Description** A security flaw exists in bigsk1 openai-realtime-ui. The issue is located in an unknown function within the `server.js` file of the API Proxy Endpoint component. Manipulation of the `Query` argument can lead to server-side request forgery (SSRF). This attack can be initiated remotely. The exploit is publicly available. **Recommendations** Install patch 54f8f50f43af97c334a881af7b021e84b5b8310f to address this issue.

Name of the Vulnerable Software and Affected Versions idachev mcp-javadc versions up to 1.2.4 Description A flaw exists in the HTTP Interface component of idachev mcp-javadc, potentially allowing remote attackers to execute operating system commands. Manipulation of the `jarFilePath` argument within an unknown function can lead to OS command injection. The exploit is publicly available. Recommendations Update to a version beyond 1.2.4.

Name of the Vulnerable Software and Affected Versions suvarchal docker-mcp-server versions up to 0.1.0 Description A weakness exists in the `stop container`/`remove container`/`pull image` function within the `src/index.ts` file of the HTTP Interface component. This can lead to operating system command injection, potentially allowing remote execution of commands. The exploit has been publicly released. Recommendations Update to a version beyond 0.1.0. As a temporary workaround, restrict access to the HTTP Interface component or disable the `stop container()`, `remove container()`, and `pull image()` functions until a patch is available.

Name of the Vulnerable Software and Affected Versions Braffolk mcp-summarization-functions versions up to 0.1.5 Description A flaw exists in Braffolk mcp-summarization-functions up to version 0.1.5. The issue impacts an unknown function within the `src/server/mcp-server.ts` file of the `summarize command` component. Manipulation of the `command` argument can lead to operating system command injection. Local access is required for exploitation. The exploit has been published. Recommendations Update to a version beyond 0.1.5.

Name of the Vulnerable Software and Affected Versions ChrisChinchilla Vale-MCP versions up to 0.1.0 Description A vulnerability exists in ChrisChinchilla Vale-MCP up to version 0.1.0, specifically within the file `src/index.ts` of the HTTP Interface component. The manipulation of the `config path` argument results in OS command injection. Local access is required for exploitation. The exploit has been publicly disclosed. Recommendations Update ChrisChinchilla Vale-MCP to a version beyond 0.1.0.

Name of the Vulnerable Software and Affected Versions MoussaabBadla code-screenshot-mcp versions up to 0.1.0 Description A security issue exists in the HTTP Interface component of MoussaabBadla code-screenshot-mcp. This allows for os command injection, potentially enabling remote attacks. The exploit has been publicly disclosed. The vendor was notified but did not respond. Recommendations Versions prior to 0.1.0 should be updated. As a temporary workaround, consider disabling the HTTP Interface component until a patch is available.