top of page
perceptive_background_267k.jpg

A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search_papers of the file src/ma…

Published:

27 april 2026 om 22:00:00

Alert date:

28 april 2026 om 21:20:20

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Supply Chain & Dependencies

A path traversal vulnerability was identified in duartium papers-mcp-server affecting the search_papers function in src/main.py. The vulnerability can be exploited remotely by manipulating the topic argument. A public exploit is available and the attack can be launched remotely. The project maintainers were notified through an issue report but have not responded. This represents an active security risk with publicly available exploitation code.

Technical details

Mitigation steps:

Affected products:

duartium papers-mcp-server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7205
https://github.com/duartium/papers-mcp-server/
https://github.com/duartium/papers-mcp-server/issues/1
https://vuldb.com/submit/802080
https://vuldb.com/vuln/359805
https://vuldb.com/vuln/359805/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page