CVE-2026-7788 | Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0 app/routes/document.py DOCS_DIR/path path traversal

A vulnerability has been found in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0 and classified as critical. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of the argument DOCS_DIR/path results in path traversal.

This vulnerability was named CVE-2026-7788. The attack may be initiated remotely. In addition, an exploit is available.

This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More