CVE-2026-7445 | ZachHandley ZMCPTools up to 0.2.2 MCP Log Resource ResourceManager.ts dirname path traversal

A vulnerability was found in ZachHandley ZMCPTools up to 0.2.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal.

This vulnerability is referenced as CVE-2026-7445. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More