Description
A vulnerability has been found in ravenwits mcp-server-arangodb up to 0.4.7. This affects the function arango_backup of the file src/tools.ts of the component MCP Interface. Such manipulation of the argument outputDir leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-04
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability originates in the arango_backup function of the MCP Server for Arangodb component, where an unchecked outputDir parameter can be manipulated to perform path traversal. An attacker can control the directory location used during backup creation, potentially creating or overwriting files outside the intended backup directory. This path traversal flaw could allow the construction of arbitrary file paths, providing the possibility to write malicious files or exfiltrate sensitive data. The weakness corresponds to CWE-22 and is reported as remotely exploitable.

Affected Systems

The flaw affects all released versions of the ravenwits mcp-server-arangodb up to and including 0.4.7. Users running any of these versions are susceptible to the attack. No later release is listed as affected, which suggests a fix may exist in a newer release, though the record does not name a fixed version.

Risk and Exploitability

The CVSS score of the flaw is 5.3, placing it in the moderate severity range. No EPSS score is available, and the issue is not yet listed in the CISA KEV catalog. Because the attacker can trigger the backup operation remotely, the risk of exploitation is realistic in exposed deployments. Successful exploitation could lead to unauthorized file creation or potential data exfiltration, depending on filesystem permissions of the service process.

Generated by OpenCVE AI on May 4, 2026 at 02:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ravenwits mcp-server-arangodb to a version newer than 0.4.7 that contains the fixed backup routine.
  • If an upgrade is not immediately possible, enforce strict input validation on the outputDir argument: reject absolute paths and parent-directory (..) components, resolve the final path and confirm it remains inside the intended backup root, or replace the free-form argument with an allowlist of permitted backup locations.
  • Consider disabling remote backup functionality or restricting it to trusted network segments until a patch is available.
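The two interim mitigations above (containment validation of outputDir, or an allowlist of named backup locations) are shown below in TypeScript as an added example. This is not code from the mcp-server-arangodb project or from src/tools.ts; the backup root, the allowlist entries and the function names are assumptions made for the example, and the naive join is a constructed illustration of the weak pattern, not the project's actual implementation.

```typescript
import * as path from "node:path";

// Assumed backup root for this example; the project's real configuration
// is not shown in the advisory.
const BACKUP_ROOT = "/var/backups/arangodb";

// Constructed illustration of the weak pattern: joining an untrusted
// outputDir onto the root without checking where the result lands.
// ".." segments in outputDir move the result outside the root.
function naiveBackupDir(outputDir: string, root: string = BACKUP_ROOT): string {
  return path.join(root, outputDir);
}

// Hardened variant: resolve the candidate path and require that it stays
// inside the root. Rejects empty input, NUL bytes, absolute paths and any
// result whose position relative to the root begins with a ".." segment.
function resolveBackupDir(outputDir: string, root: string = BACKUP_ROOT): string {
  if (typeof outputDir !== "string" || outputDir.length === 0) {
    throw new Error("outputDir must be a non-empty string");
  }
  if (outputDir.includes("\0")) {
    throw new Error("outputDir must not contain NUL bytes");
  }
  if (path.isAbsolute(outputDir)) {
    throw new Error("outputDir must be relative to the backup root");
  }
  const rootAbs = path.resolve(root);
  const candidate = path.resolve(rootAbs, outputDir);
  const rel = path.relative(rootAbs, candidate);
  // rel is "" when candidate equals the root; it starts with a ".." segment
  // (or is absolute, on Windows across drives) when candidate escaped.
  const escapes =
    rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel);
  if (escapes) {
    throw new Error("outputDir resolves outside the backup root");
  }
  return candidate;
}

// Boolean wrapper for callers that prefer a validation result to an exception.
function isSafeOutputDir(outputDir: string, root: string = BACKUP_ROOT): boolean {
  try {
    resolveBackupDir(outputDir, root);
    return true;
  } catch {
    return false;
  }
}

// Allowlist variant: the tool accepts only a location name that the operator
// configured, so no caller-supplied path is ever joined. Entries are
// constructed for this example.
const ALLOWED_BACKUP_LOCATIONS: Readonly<Record<string, string>> = {
  nightly: path.join(BACKUP_ROOT, "nightly"),
  adhoc: path.join(BACKUP_ROOT, "adhoc"),
};

function backupDirFromAllowlist(name: string): string {
  if (!Object.prototype.hasOwnProperty.call(ALLOWED_BACKUP_LOCATIONS, name)) {
    throw new Error(`unknown backup location: ${name}`);
  }
  return ALLOWED_BACKUP_LOCATIONS[name];
}
```

Run the containment check before any mkdir or file write, and apply it again to every file path derived from the directory. The lexical check does not see symlinks: if the root may contain links, resolve the existing part of the path with fs.realpath and repeat the containment test on the result. Where the MCP tool schema allows it, the allowlist form is the simpler option, since the parameter then never carries a path at all.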



Advisories

No advisories yet.

History

Mon, 04 May 2026 01:15:00 +0000

Type: Description
Values removed: (none)
Values added: A vulnerability has been found in ravenwits mcp-server-arangodb up to 0.4.7. This affects the function arango_backup of the file src/tools.ts of the component MCP Interface. Such manipulation of the argument outputDir leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Type: Title
Values removed: (none)
Values added: ravenwits mcp-server-arangodb MCP tools.ts arango_backup path traversal

Type: Weaknesses
Values removed: (none)
Values added: CWE-22

Type: References
Values removed: (none)
Values added:

Type: Metrics
Values removed: (none)
Values added:
  cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
  cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}



MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-04T00:30:15.090Z

Reserved: 2026-05-03T08:01:31.698Z

Link: CVE-2026-7715

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-04T01:16:05.037

Modified: 2026-05-04T01:16:05.037

Link: CVE-2026-7715

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T02:30:34Z

Weaknesses