Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53110

Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve.

Published

2025-07-02T15:15:27.843

Last Modified

2025-07-03T15:13:53.147

Status

Awaiting Analysis

Source

[email protected]

Severity

Weaknesses

Type: Primary
CWE-22

Affected Vendors & Products

References

https://github.com/modelcontextprotocol/servers/commit/cc99bdabdcad93a58877c5f3ab20e21d4394423d ([email protected])
https://github.com/modelcontextprotocol/servers/security/advisories/GHSA-hc55-p739-j48w ([email protected])