A vulnerability was found in lamaalrajih kicad-mcp up to 3.3.1. It has been classified as problematic. This issue affects some unknown processing of the file kicad_mcp/utils/path_validator.py. Performing a manipulation of the argument project_path/schematic_path results in protection mechanism failure.

This vulnerability is known as CVE-2026-15528. Attacking locally is a requirement. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.