CNNVD-202601-1197 Information

CNNVD ID

CNNVD-202601-1197

Related CVE

CVE-2025-67364

• CNNVD Published: 2026-01-07

Description (Chinese)

fast-filesystem-mcp是efforthye个人开发者的一个模型上下文协议服务器。 fast-filesystem-mcp 3.4.0版本存在安全漏洞，该漏洞源于路径验证不当，无法解析符号链接，可能导致绕过目录访问限制。

Description (English)

Fast-filesystem-mcp is a model context protocol server for personal developers. There is a security loophole in version 3.4.0 of fast-filesystem-mcp, which results from inappropriate routing and failure to parse symbolic links, which may lead to circumventing directory access limits.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-07

Last Modified

2026-02-24

References

https://github.com/efforthye/fast-filesystem-mcp/issues/10 https://access.redhat.com/security/cve/cve-2025-67364

Patch

https://github.com/efforthye/fast-filesystem-mcp/tags