A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edi…

A path traversal vulnerability has been discovered in UsamaK98 python-notebook-mcp affecting functions create_notebook, read_notebook, edit_cell, and add_cell in server.py. The flaw allows remote attackers to perform path traversal attacks. An exploit has been publicly released and is available for use. The vulnerability affects versions up to commit a05a232815809a7e425b5fa7be26e0d4369894c2. The project uses rolling releases with no specific version numbering. Despite early notification through an issue report, the project maintainers have not yet responded to address the vulnerability.