CVE-2026-15138 | tumf mcp-text-editor up to 1.0.2 text_editor.py _validate_file_path path traversal (Issue 22)

SecurityVulns

A vulnerability, which was classified as critical, was found in tumf mcp-text-editor up to 1.0.2. This issue affects the function _validate_file_path of the file mcp_text_editor/text_editor.py. Such manipulation of the argument file_path leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-15138. The attack can be launched remotely. Moreover, an exploit is present.

The vendor closed the GitHub issue for this vulnerability without any explanation.VulDB Recent EntriesRead More