CVE-2026-7645 | ruvnet sublinear-time-solver 1.5.0 MCP Interface server.js export_state path traversal (Issue 19)

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability was found in ruvnet sublinear-time-solver 1.5.0 and classified as critical. Affected by this vulnerability is the function export_state of the file src/consciousness-explorer/mcp/server.js of the component MCP Interface. The manipulation results in path traversal.

This vulnerability is identified as CVE-2026-7645. The attack can be executed remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7645 | ruvnet sublinear-time-solver 1.5.0 MCP Interface server.js export_state path traversal (Issue 19)

Post correlati

CVE-2024-49521 | Adobe Commerce up to 3.2.5 Requests server-side request forgery (apsb24-90)

CVE-2018-11922 | Qualcomm Snapdragon Auto up to SDX20 Touch Pal Application config

CVE-2023-6374 | Mitsubishi Electric MELSEC WS Series WS0-GETH00200 and authentication replay

CVE-2026-2209 | WeKan up to 8.18 Custom Translation translationBody.js setCreateTranslation improper authorization