Description
A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_server.py. Performing a manipulation of the argument topic results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-29
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A path traversal flaw exists in the search_papers function of research_server.py. By manipulating the topic argument, an attacker can read files outside the intended directory. Remote exploitation is possible, meaning an attacker can reach the vulnerable function over the network and gain unauthorized access to sensitive files, potentially leading to further compromise if executable files are read.

Affected Systems

The vulnerability affects ezequiroga’s mcp-bases project. No specific version numbers are listed because the project follows a rolling release model, so all current releases are potentially impacted until a patch is provided.

Risk and Exploitability

The CVSS score of 6.9 reflects a moderate to high risk. EPSS data is unavailable, and the vulnerability has not yet been listed in CISA’s KEV catalog. Attackers likely need to send crafted requests to the research_server.py endpoint, and success depends on the exposed API surface and lack of input validation. Because the issue is publicly documented and no response from the maintainer has been received, the risk of exploitation remains significant.

Generated by OpenCVE AI on April 29, 2026 at 16:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the currently deployed commit of mcp-bases and determine if the vulnerable code path exists; if a newer commit addresses the issue, update to that commit immediately.
  • Implement input validation for the topic parameter: accept only a defined whitelist of characters, or resolve the requested path against a safe base directory and reject any result that falls outside it, so that traversal sequences can no longer escape the intended directory.
  • Configure a web application firewall or similar controls to block requests containing traversal sequences such as "../" or absolute paths in the topic field.
  • Consider temporarily disabling the search_papers endpoint or restricting its access to trusted users until the vulnerability can be fixed.
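One way to apply the validation described in the second action above, as an added Python example that is not code from the mcp-bases project; PAPERS_DIR, the whitelist pattern and the function names are assumptions, since the advisory does not show the server's code:

```python
import re
from pathlib import Path

# Assumed base directory for stored paper data; the real server layout is not
# described in the advisory, so this path is a placeholder.
PAPERS_DIR = Path("/srv/mcp-bases/papers")

# Whitelist: a topic may contain only letters, digits, underscore and hyphen.
_TOPIC_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


class InvalidTopic(ValueError):
    """Raised when a topic fails the whitelist or would escape PAPERS_DIR."""


def topic_is_well_formed(topic: str) -> bool:
    """First layer: reject anything outside the allowed character set."""
    return _TOPIC_RE.fullmatch(topic) is not None


def path_is_contained(candidate: Path, base_dir: Path) -> bool:
    """Second layer: resolve both paths, then check containment.

    Resolving first means '..' segments, absolute paths and symlinks are all
    judged on the final location. A plain string-prefix test is not enough:
    it would accept /srv/mcp-bases/papers-evil under /srv/mcp-bases/papers.
    """
    base = base_dir.resolve()
    return candidate.resolve().is_relative_to(base)  # Python 3.9+


def resolve_topic_dir(topic: str, base_dir: Path = PAPERS_DIR) -> Path:
    """Return the directory for `topic`, or raise InvalidTopic."""
    if not topic_is_well_formed(topic):
        raise InvalidTopic(f"topic rejected by whitelist: {topic!r}")
    candidate = base_dir / topic
    if not path_is_contained(candidate, base_dir):
        raise InvalidTopic(f"topic escapes base directory: {topic!r}")
    return candidate.resolve()


def is_safe_topic(topic: str, base_dir: Path = PAPERS_DIR) -> bool:
    """Convenience wrapper: True only if both layers accept the topic."""
    try:
        resolve_topic_dir(topic, base_dir)
    except InvalidTopic:
        return False
    return True
```

Either layer alone blocks the classic "../" case; keeping both means a later relaxation of the whitelist (for example to allow dots) does not silently reopen the traversal.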

Generated by OpenCVE AI on April 29, 2026 at 16:54 UTC.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 14:45:00 +0000

Type: Description
  Values Removed: (none)
  Values Added: A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_server.py. Performing a manipulation of the argument topic results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet.

Type: Title
  Values Removed: (none)
  Values Added: ezequiroga mcp-bases research_server.py search_papers path traversal

Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-22

Type: References
  Values Removed: (none)
  Values Added: (none)

Type: Metrics
  Values Removed: (none)
  Values Added:
    cvssV2_0: {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
    cvssV3_0: {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
    cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-29T14:40:38.992Z

Reserved: 2026-04-29T08:45:03.357Z

Link: CVE-2026-7384

Vulnrichment

No data.

NVD

Status: Deferred

Published: 2026-04-29T15:16:11.007

Modified: 2026-04-29T21:16:21.590

Link: CVE-2026-7384

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-29T17:00:13Z

Weaknesses