Smallw

**Name of the Vulnerable Software and Affected Versions** egtai gmx-vmd-mcp versions prior to 0.1.0 **Description** A command injection flaw exists in the VMD Launch Handler component within the `launch vmd gui tool()` function of the `mcp server.py` file. A remote attacker can exploit this by manipulating the `structure file` or `trajectory file` arguments. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** edvardlindelof notes-mcp versions prior to 0.1.5 **Description** A path traversal issue exists in the `notes mcp.py` file. Remote attackers can exploit this by manipulating the `root dir/path` argument to access files and directories outside the intended folder. **Recommendations** Update to a version later than 0.1.4. As a temporary workaround, restrict or validate the `root dir/path` argument to prevent unauthorized directory access.

**Name of the Vulnerable Software and Affected Versions** ef10007 MLOps MCP version 1.0.0 **Description** A path traversal issue exists in the `save file` Tool within the `fastmcp server.py` file. A remote attacker can manipulate the `filename/destination` argument to access or overwrite files outside the intended directory. Path traversal is a vulnerability that allows an attacker to read or write files on the server by using special character sequences, such as "../", to navigate the file system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `save file` Tool or avoid using the `filename/destination` argument until a patch is available.

**Name of the Vulnerable Software and Affected Versions** eghuzefa engineer-your-data versions prior to 0.1.4 **Description** A path traversal issue exists in the `src/server.py` file. The manipulation of the `WORKSPACE PATH` argument within the `read file()`, `write file()`, `list files()`, and `file inf()` functions allows a remote attacker to access or modify files outside the intended directory. Path traversal is a technique that allows an attacker to read or write files on the server by manipulating file paths using special sequences like dot-dot-slash (../). **Recommendations** As a temporary workaround, restrict access to the `read file()`, `write file()`, `list files()`, and `file inf()` functions or avoid using the `WORKSPACE PATH` argument until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** duartium papers-mcp-server version 9ceb3812a6458ba7922ca24a7406f8807bc55598 **Description** A path traversal issue exists in the `search papers()` function within the `src/main.py` file. This occurs when the `topic` argument is manipulated, allowing a remote attacker to access files and directories outside the intended folder. **Recommendations** As a temporary workaround, restrict or validate the input for the `topic` argument in the `search papers()` function to prevent path traversal. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** dubydu sqlite-mcp versions prior to 0.1.1 **Description** A flaw in the `extract to json()` function within the `src/entry.py` file allows for remote SQL injection. This occurs when the `output filename` argument is manipulated, enabling an attacker to execute unauthorized SQL commands. **Recommendations** Apply patch a5580cb992f4f6c308c9ffe6442b2e76709db548. As a temporary workaround, restrict or avoid the use of the `output filename` argument in the `extract to json()` function.

**Name of the Vulnerable Software and Affected Versions** dvladimirov MCP versions prior to 0.1.1 **Description** A command injection flaw exists in the Git Search API component within the `GitSearchRequest()` function of the `mcp server.py` file. A remote attacker can execute this by manipulating the `repo url` or `pattern` arguments. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `GitSearchRequest()` function or avoid using the `repo url` and `pattern` arguments until a patch is available.

**Name of the Vulnerable Software and Affected Versions** dmitryglhf mcp-url-downloader versions prior to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6 **Description** An issue in the ` validate url safe()` function within the `src/mcp url downloader/server.py` file allows for server-side request forgery (SSRF), a flaw where an attacker can induce the server to make requests to an unintended location. This can be executed remotely by manipulating the `url` argument. **Recommendations** Update to a version later than 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. As a temporary workaround, restrict access to the ` validate url safe()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** douinc mkdocs-mcp-plugin versions prior to 0.4.2 **Description** A path traversal issue exists in the `read document()` and `list documents()` functions within the `server.py` file. A remote attacker can exploit this by manipulating the `docs dir` or `file path` arguments to access files outside the intended directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `read document()` and `list documents()` functions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** disler aider-mcp-server versions prior to b2516fa466d0d851932da92ee6d0e66946db9efc **Description** A command injection flaw exists in the `aider ai code` component within the `src/aider mcp server/server.py` file. This issue occurs due to improper manipulation of the `relative editable files` argument, allowing remote attackers to execute arbitrary commands. **Recommendations** Update to a version later than b2516fa466d0d851932da92ee6d0e66946db9efc. As a temporary workaround, restrict or avoid using the `relative editable files` argument until a formal patch is applied.