CVE-2026-7386 | fatbobman mail-mcp-bridge up to 1.3.3 src/mail_mcp_server.py message_ids path traversal

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability described as critical has been identified in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation of the argument message_ids can lead to path traversal.

This vulnerability is handled as CVE-2026-7386. The attack can be executed remotely. Additionally, an exploit exists.

Upgrading the affected component is recommended.

CVE-2026-7386 | fatbobman mail-mcp-bridge up to 1.3.3 src/mail_mcp_server.py message_ids path traversal

Post correlati

CVE-2022-4533 | Limit Login Attempts Plus Plugin up to 1.1.0 on WordPress protection mechanism

CVE-2026-3068 | itsourcecode Document Management System 1.0 /deluser.php user2del sql injection

CVE-2025-37942 | Linux Kernel up to 6.12.23/6.13.11/6.14.2 HID infinite loop

CVE-2025-21138 | Adobe Substance3D up to 14.0 out-of-bounds write (apsb25-06)