CVE-2026-7403 | geldata gel-mcp 0.1.0 src/gel_mcp/server.py list_rules/fetch_rule rule_name path traversal

A vulnerability, which was classified as critical, was found in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in path traversal.

This vulnerability was named CVE-2026-7403. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More