|
301
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation of the argument root_dir/path leads to …
New
|
CWE-22
Path Traversal
|
CVE-2026-7212
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/dest…
New
|
CWE-22
Path Traversal
|
CVE-2026-7213
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation…
New
|
CWE-22
Path Traversal
|
CVE-2026-7214
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launch_vmd_gui_tool of the file mcp_server.py of the component VMD Launch Handler. The manipulati…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7215
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the compone…
New
|
CWE-22
Path Traversal
|
CVE-2026-7216
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastly_cli Tool.…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7220
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipu…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7221
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student/complaint.php of the compo…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7222
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the com…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7223
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of …
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7224
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
