Vendor
high
advisory
Eiceblue Spire-PDF-MCP-Server Path Traversal Vulnerability (CVE-2026-7315)
2 rules 1 TTP 1 CVEA path traversal vulnerability exists in eiceblue spire-pdf-mcp-server version 0.1.1, allowing remote attackers to access arbitrary files via manipulation of the filepath argument in the get_pdf_path function.
spire-pdf-mcp-server
path-traversal
web-application
cve
2r
1t
1c
high
advisory
eiceblue spire-doc-mcp-server Path Traversal Vulnerability
2 rules 1 TTP 1 CVEA path traversal vulnerability exists in eiceblue spire-doc-mcp-server version 1.0.0, allowing a remote attacker to access arbitrary files by manipulating the 'document_name' argument in the 'get_doc_path' function.
spire-doc-mcp-server 1.0.0
path-traversal
web-application
cve-2026-7314
2r
1t
1c