CVE-2026-15749 | mastergo-design mastergo-magic-mcp up to 0.2.0 mcp__C2d src/tools/get-c2d.ts execute filePath path traversal (Issue 88)

SecurityVulns

A vulnerability was found in mastergo-design mastergo-magic-mcp up to 0.2.0. It has been classified as critical. This issue affects the function execute of the file src/tools/get-c2d.ts of the component mcp__C2d. Performing a manipulation of the argument filePath results in path traversal.

This vulnerability is reported as CVE-2026-15749. The attack requires a local approach. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More