top of page
perceptive_background_267k.jpg

A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The man…

Published:

27 April 2026 at 22:00:00

Alert date:

28 April 2026 at 03:01:19

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Emerging Technologies

A path traversal vulnerability was discovered in ef10007 MLOps_MCP version 1.0.0, specifically affecting the fastmcp_server.py file in the save_file Tool component. The vulnerability allows manipulation of the filename/destination argument to perform path traversal attacks. The attack can be executed remotely and the exploit code is now publicly available. The project maintainer was notified through an issue report but has not responded to the disclosure.

Technical details

Mitigation steps:

Affected products:

ef10007 MLOps_MCP

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7213
https://github.com/ef10007/MLOps_MCP/
https://github.com/ef10007/MLOps_MCP/issues/1
https://vuldb.com/submit/802085
https://vuldb.com/vuln/359809
https://vuldb.com/vuln/359809/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page