Description
A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 89c091ecf8b9f9c7291d1af0b1966e271f86551c. It is suggested to install a patch to address this issue.
Published: 2026-06-01
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the MCP Gmail Tool’s saveToDisk function within the gmail.ts module. Improper access control allows an attacker to bypass intended safeguards and write files to arbitrary locations on disk. This access can be exploited remotely and the public exploit demonstrates that malicious code could be executed with elevated privileges. The flaw permits unauthorized disclosure and modification of data stored on the host system, compromising confidentiality and integrity of the local environment.

Affected Systems

The affected product is j3k0 mcp-google-workspace, a rolling‑release tool for managing Google Workspace integration. Any instance built from a commit older than 89c091ecf8b9f9c7291d1af0b1966e271f86551c is vulnerable. No specific version ranges are available because the release model does not tag releases pre‑patch.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, but the lack of an EPSS score does not reflect the absence of exploitation attempts. The vulnerability is publicly available and can be triggered remotely, suggesting a realistic exploitation probability. The weakness is based on access‑control and privilege‑injection failures (CWE‑266, CWE‑284). Given its remote nature and the public exploit, the risk to environments running unpatched code is significant, especially where the tool has high privileges or unrestricted file access.

Generated by OpenCVE AI on June 1, 2026 at 20:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the patched version from commit 89c091ecf8b9f9c7291d1af0b1966e271f86551c immediately
  • Restrict execution context of the MCP Gmail Tool so it runs with the minimal necessary permissions
  • Implement monitoring of file creation events in directories affected by saveToDisk to detect unauthorized writes

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 89c091ecf8b9f9c7291d1af0b1966e271f86551c. It is suggested to install a patch to address this issue.
Title j3k0 mcp-google-workspace MCP Gmail Tool gmail.ts saveToDisk access control
First Time appeared J3k0
J3k0 mcp-google-workspace
Weaknesses CWE-266
CWE-284
CPEs cpe:2.3:a:j3k0:mcp-google-workspace:*:*:*:*:*:*:*:*
Vendors & Products J3k0
J3k0 mcp-google-workspace
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-01T19:34:35.621Z

Reserved: 2026-05-31T16:06:06.795Z

Link: CVE-2026-10277

Vulnrichment

Updated: 2026-06-01T19:34:30.267Z

NVD

Status: Deferred

Published: 2026-06-01T19:16:20.240

Modified: 2026-06-02T13:03:31.153

Link: CVE-2026-10277

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-02T20:53:32Z

Weaknesses
  • CWE-266

    Incorrect Privilege Assignment

  • CWE-284

    Improper Access Control