top of page
perceptive_background_267k.jpg

A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The man…

Published:

27 April 2026 at 22:00:00

Alert date:

28 April 2026 at 21:20:20

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Supply Chain & Dependencies

A path traversal vulnerability was discovered in ef10007 MLOps_MCP version 1.0.0, specifically affecting the fastmcp_server.py file in the save_file Tool component. The vulnerability allows attackers to manipulate the filename/destination argument to perform directory traversal attacks remotely. The exploit has been made public and is available for use. The project maintainers were notified through an issue report but have not responded to the disclosure.

Technical details

Mitigation steps:

Affected products:

ef10007 MLOps_MCP

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7213
https://github.com/ef10007/MLOps_MCP/
https://github.com/ef10007/MLOps_MCP/issues/1
https://vuldb.com/submit/802085
https://vuldb.com/vuln/359809
https://vuldb.com/vuln/359809/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page