CVE-2026-7384

Name of the Vulnerable Software and Affected Versions ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c (affected versions not specified)

Description Manipulation of the topic argument in the search papers() function within the research server.py file allows for path traversal, which is a method used to access files and directories that are stored outside the intended folder. This issue enables remote exploitation.

Recommendations As a temporary workaround, consider restricting the use of the topic argument in the search papers() function until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.