
MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, the `confluence_download_attachmen…

Published:

9 March 2026 at 23:00:00

Alert date:

10 March 2026 at 21:03:26

Source:

nvd.nist.gov


Enterprise Applications

CVE-2026-27825 affects MCP Atlassian, a Model Context Protocol server for Confluence and Jira. Prior to version 0.17.0, the `confluence_download_attachment` tool does not enforce a directory boundary on the `download_path` parameter. An attacker can exploit this to write arbitrary content to any path on the server that the process has write access to. Because the attacker controls both the destination and, through a malicious Confluence attachment, the content, the vulnerability enables arbitrary code execution. Examples include writing cron entries to /etc/cron.d/ for scheduled code execution. Version 0.17.0 resolves the issue.
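One way to enforce the directory boundary that the advisory describes as missing, shown as an added example; it is not MCP Atlassian's code or the actual 0.17.0 fix. The function names, the temporary base directory and the sample paths are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class PathOutsideBaseError(ValueError):
    """The requested download path escapes the allowed directory."""


def resolve_download_path(base_dir: str, download_path: str) -> Path:
    """Return download_path as an absolute path inside base_dir, or raise."""
    base = Path(base_dir).resolve(strict=True)
    # An absolute download_path discards base in the join; the check below is the boundary.
    candidate = (base / download_path).resolve(strict=False)  # follows symlinks
    if candidate == base or not candidate.is_relative_to(base):  # Python 3.9+
        raise PathOutsideBaseError(f"{download_path!r} is outside {base}")
    return candidate


def save_attachment(base_dir: str, download_path: str, content: bytes) -> Path:
    target = resolve_download_path(base_dir, download_path)
    target.parent.mkdir(parents=True, exist_ok=True)
    # O_EXCL: never overwrite; O_NOFOLLOW: reject a symlink as the final component.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(content)
    return target


def demo() -> dict:
    samples = ["a.pdf", "sub/b.txt", "../outside/x", "/etc/cron.d/example", "link/x"]
    results = {}  # constructed inputs -> outcome
    with tempfile.TemporaryDirectory() as tmp:
        base, outside = Path(tmp) / "downloads", Path(tmp) / "outside"
        base.mkdir()
        outside.mkdir()
        os.symlink(outside, base / "link")  # constructed symlink pointing out of base
        for path in samples:
            try:
                save_attachment(str(base), path, b"constructed sample content")
                results[path] = "written"
            except PathOutsideBaseError:
                results[path] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

The check resolves symlinks before comparing, so relative traversal, an absolute path and a symlink that leaves the base directory are all rejected before any file is opened.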

Affected products:

MCP Atlassian
Confluence
Jira

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

This website displays information from external sources; Perceptive accepts no responsibility for the accuracy, completeness or timeliness of this information.
