{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7212", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-27T15:02:55.489Z", "datePublished": "2026-04-28T01:15:12.800Z", "dateUpdated": "2026-04-28T01:15:12.800Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-28T01:15:12.800Z"}, "title": "edvardlindelof notes-mcp notes_mcp.py path traversal", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "Path Traversal"}]}], "affected": [{"vendor": "edvardlindelof", "product": "notes-mcp", "versions": [{"version": "0.1.0", "status": "affected"}, {"version": "0.1.1", "status": "affected"}, {"version": "0.1.2", "status": "affected"}, {"version": "0.1.3", "status": "affected"}, {"version": "0.1.4", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation of the argument root_dir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-27T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-27T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-27T17:08:26.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "SmallW (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/359808", "name": "VDB-359808 | edvardlindelof notes-mcp notes_mcp.py path traversal", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/359808/cti", "name": "VDB-359808 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/802084", "name": "Submit #802084 | edvardlindelof notes-mcp 0.1.4 Path Traversal", "tags": ["third-party-advisory"]}, {"url": "https://github.com/edvardlindelof/notes-mcp/issues/2", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/edvardlindelof/notes-mcp/", "tags": ["product"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation of the argument root_dir/path leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-7212", "lastModified": "2026-04-28T02:16:08.573", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-28T02:16:08.573", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/edvardlindelof/notes-mcp/"}, {"source": "cna@vuldb.com", "url": "https://github.com/edvardlindelof/notes-mcp/issues/2"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/802084"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359808"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/359808/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.1.0,0.1.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "notes-mcp", "source": "cna", "vendor": "edvardlindelof"}, "product": "notes-mcp", "vendor": "edvardlindelof"}], "analysis": {"en": {"generated_at": "2026-04-28T12:34:07.917957+00:00", "value": {"mitigation_remediation": ["Upgrade notes-mcp to a version newer than 0.1.4 when it becomes available. ", "Configure the application to use a fixed, safe root directory and disable remote input of the root_dir or path parameters. ", "Implement server\u2011side validation that blocks any path containing \"..\" sequences or absolute paths before use."], "summary": {"action": "Apply Patch", "impact": "Path Traversal"}, "threat_synthesis": {"affected_systems": "The exploit targets the open-source notes-mcp application developed by Edvard Lindelof. All deployments using the notes-mcp package at or below version 0.1.4 are vulnerable. No additional vendor or product ranges are specified beyond the notes-mcp package itself.", "description_and_impact": "A path traversal flaw exists in the notes_mcp.py component of the notes-mcp project, affecting versions up to 0.1.4. The vulnerability is triggered by manipulating the root_dir or path argument, which allows an attacker to reference file system locations outside the intended directory hierarchy. The flaw can be exploited remotely, resulting in unauthorized file access or disclosure of sensitive configuration data. The effect may compromise confidentiality and potentially allow broader system exploitation if critical files are read or altered.", "risk_and_exploitability": "The CVSS score of 6.9 classifies the vulnerability as moderate severity, with the attacker required to supply a malicious root_dir or path argument via a remote interface. The EPSS score is not provided, and the issue is not listed in the CISA KEV catalog, suggesting that while the flaw is documented, the exploitation rate may be low at present. Nonetheless, because the attacker can read arbitrary files, the risk to confidentiality is significant, especially in environments where notes-mcp is exposed to external users or network traffic."}}}}, "created": "2026-04-28T09:16:34.110392+00:00", "updated": "2026-04-28T12:45:31.385806+00:00", "vendors": ["edvardlindelof", "edvardlindelof$PRODUCT$notes-mcp"]}