Description
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-28
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Path Traversal
Action: Patch
AI Analysis

Impact

The vulnerability resides in the save_file tool of ef10007 MLOps_MCP version 1.0.0. An attacker can supply a crafted filename or destination argument that includes path traversal sequences, causing the fastmcp_server.py routine to write or read files outside the intended directory. This allows remote users to access or modify arbitrary files on the host, potentially exposing sensitive data or enabling further compromise. The weakness is a classic path traversal flaw (CWE-22) and is rated as moderate severity with a CVSS score of 6.9.

Affected Systems

The affected product is ef10007 MLOps_MCP version 1.0.0. The exploit targets the fastmcp_server.py component, specifically the save_file function. No other versions or components were reported as affected, and the vendor has not released a fixed version yet.

Risk and Exploitability

The CVSS score of 6.9 reflects a moderate risk, and the EPSS score of < 1% indicates a low probability of widespread exploitation. Since the vulnerability is publicly disclosed and can be triggered remotely, the potential for attackers to read or overwrite sensitive files exists. The absence from the KEV catalog means it is not yet listed as widely exploited, but the remote nature and lack of patch emphasize the importance of timely mitigation.

Generated by OpenCVE AI on April 28, 2026 at 23:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update MLOps_MCP to the latest released version once a patch addressing the path traversal issue is made available.
  • Validate and sanitize the filename and destination parameters in the save_file tool to reject sequences such as ".." or absolute paths before passing them to the filesystem.
  • Restrict file system permissions for the user running fastmcp_server.py so that it can only access the intended subdirectory and cannot write to the broader system.
  • If the file upload functionality is not required, disable or remove the save_file endpoint to eliminate the attack surface.

Generated by OpenCVE AI on April 28, 2026 at 23:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 28 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Ef10007
Ef10007 mlops Mcp
Vendors & Products Ef10007
Ef10007 mlops Mcp

Tue, 28 Apr 2026 02:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/destination results in path traversal. The attack may be performed from remote. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title ef10007 MLOps_MCP save_file Tool fastmcp_server.py path traversal
Weaknesses CWE-22
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Ef10007 Mlops Mcp
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-29T14:06:04.600Z

Reserved: 2026-04-27T15:06:41.997Z

Link: CVE-2026-7213

cve-icon Vulnrichment

Updated: 2026-04-29T14:05:43.264Z

cve-icon NVD

Status : Deferred

Published: 2026-04-28T02:16:08.780

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-7213

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T23:30:06Z

Weaknesses