CVE-2026-7272 | WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca MCP Interface src/index.ts generate_matlab_code/execute_matlab_code scriptPath path traversal

A vulnerability classified as critical was found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead to path traversal.

This vulnerability is handled as CVE-2026-7272. The attack can be executed remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More