CVE-2026-9473 | c-rick jimeng-mcp 1.10.0 src/api.ts filePath path traversal (Issue 15)

A vulnerability marked as critical has been reported in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal.

This vulnerability is listed as CVE-2026-9473. The attack may be initiated remotely. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More