Description
A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-28
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the get_pdf_path function of the PDF File Handler component. By manipulating the filepath argument, an attacker can traverse directories outside the intended PDF storage location, gaining read access to arbitrary files on the underlying system. The CVSS score of 6.9 reflects a moderate severity, but the exploit is publicly available and can be launched remotely, raising the risk of unauthorized data disclosure.

Affected Systems

eiceblue spire-pdf-mcp-server version 0.1.1; any installation running this exact version is affected. No other versions are listed in the advisory.

Risk and Exploitability

The vulnerability can be exploited from an external network using crafted requests to the server. Because no EPSS score is available and the vulnerability is not catalogued in KEV, the likelihood of exploitation is uncertain, but the existence of a published exploit indicates that attackers may already be attempting it. The CWE-22 classification highlights that the root cause is improper handling of user-supplied paths.

Generated by OpenCVE AI on April 29, 2026 at 01:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the vendor’s repository or website for an updated release that patches the get_pdf_path function and install it immediately (e.g., upgrade to a version newer than 0.1.1).
  • If an update is not yet available, limit exposure by placing the PDF server behind a firewall or ensuring it is only reachable from trusted internal hosts to reduce the attack surface.
  • Apply input validation on the filepath parameter to strictly enforce allowed directories, or implement a whitelist of permitted characters, thereby preventing path traversal attempts.
  • Also run the server under the minimal privileges necessary and configure file system permissions so that only the intended directories are readable by the process.
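The recommended fix, enforcing that the filepath parameter stays inside the allowed directory, is shown below as an added example. It is not the project's code and not the actual patch for get_pdf_path in src/spire_pdf_mcp/server.py; the function name resolve_pdf_path, the exception classes and the directory layout built by demo() are all assumptions made for illustration. The check canonicalises the joined path (collapsing ".." and following symlinks) and then verifies containment, which is more robust than rejecting the ".." substring.

```python
"""
Hardened path resolution for a PDF file handler: canonicalise the
user-supplied path and verify it stays inside the configured PDF directory.
Hypothetical example, not the project's own code.
"""
import tempfile
from pathlib import Path


class PathTraversalError(ValueError):
    """The requested path would resolve outside the PDF directory."""


class NotAPdfError(ValueError):
    """The requested path stays inside the directory but is not a .pdf file."""


def resolve_pdf_path(base_dir, filepath: str) -> Path:
    """Return the canonical path for `filepath` inside `base_dir`, or raise."""
    # The base must exist so its canonical (symlink-free) form is known.
    base = Path(base_dir).resolve(strict=True)

    # NUL bytes terminate C strings and can truncate the path the OS sees.
    if "\x00" in filepath:
        raise PathTraversalError("NUL byte in filepath")

    # pathlib discards `base` when `filepath` is absolute, and resolve()
    # collapses '..' and follows symlinks, so every escape route ends up as
    # a candidate that is simply not located under `base`.
    candidate = (base / filepath).resolve(strict=False)
    try:
        relative = candidate.relative_to(base)
    except ValueError:
        raise PathTraversalError(f"{filepath!r} escapes {base}") from None

    # Separately enforce the expected file type.
    if candidate.suffix.lower() != ".pdf":
        raise NotAPdfError(f"{relative} is not a .pdf file")
    return candidate


def demo() -> dict:
    """Exercise the check against a constructed directory layout."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "pdfs"
        (base / "reports").mkdir(parents=True)
        (base / "reports" / "q1.pdf").write_bytes(b"%PDF-1.4\n")  # constructed sample
        secret = Path(tmp) / "secret.txt"  # constructed file outside the PDF directory
        secret.write_text("outside the pdf directory")
        cases = {
            "ok": "reports/q1.pdf",
            "dotdot_inside": "reports/../reports/q1.pdf",  # normalises, stays inside
            "dotdot": "../secret.txt",                     # classic traversal
            "absolute": str(secret),                       # absolute path
            "not_pdf": "reports/notes.txt",                # inside, wrong type
        }
        try:
            (base / "link.pdf").symlink_to(secret)         # symlink pointing outside
            cases["symlink"] = "link.pdf"
        except OSError:
            pass  # symlink creation not permitted on this host; skip that case
        for name, arg in cases.items():
            try:
                path = resolve_pdf_path(base, arg)
                results[name] = "allowed:" + path.relative_to(base.resolve()).as_posix()
            except PathTraversalError:
                results[name] = "blocked:traversal"
            except NotAPdfError:
                results[name] = "blocked:not-pdf"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:14} {outcome}")
```

Running the module prints one line per case: the two in-directory .pdf requests are allowed, while the "..", absolute-path and symlink requests are blocked as traversal and the in-directory .txt file is blocked as the wrong type. Because resolve() follows symlinks, a link planted inside the directory is judged by where it points, not where it sits. On POSIX a backslash is an ordinary filename character, so no separate check for it is needed there; on Windows pathlib already treats it as a separator before the containment check runs.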

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 10:30:00 +0000

  Type: First Time appeared
  Values Removed: (none)
  Values Added: Eiceblue; Eiceblue spire-pdf-mcp-server

  Type: Vendors & Products
  Values Removed: (none)
  Values Added: Eiceblue; Eiceblue spire-pdf-mcp-server

Tue, 28 Apr 2026 22:15:00 +0000

  Type: Description
  Values Removed: (none)
  Values Added: A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.

  Type: Title
  Values Removed: (none)
  Values Added: eiceblue spire-pdf-mcp-server PDF File server.py get_pdf_path path traversal

  Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-22

  Type: References
  Values Removed: (none)
  Values Added: (none)

  Type: Metrics
  Values Removed: (none)
  Values Added:
    cvssV2_0: {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
    cvssV3_0: {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-29T12:12:49.651Z

Reserved: 2026-04-28T13:00:14.117Z

Link: CVE-2026-7315

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-28T22:16:51.380

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-7315

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-29T10:10:26Z

Weaknesses