{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/fatbobman/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7386"}],"_cs_exploited":false,"_cs_products":["mail-mcp-bridge"],"_cs_severities":["high"],"_cs_tags":["path-traversal","vulnerability","web-application"],"_cs_type":"advisory","_cs_vendors":["fatbobman"],"content_html":"\u003cp\u003eA path traversal vulnerability, identified as CVE-2026-7386, has been discovered in fatbobman mail-mcp-bridge version 1.3.3 and prior. The vulnerability resides within the \u003ccode\u003esrc/mail_mcp_server.py\u003c/code\u003e file, specifically affecting an unspecified function that handles the \u003ccode\u003emessage_ids\u003c/code\u003e argument. A remote attacker can exploit this flaw by crafting malicious requests containing manipulated \u003ccode\u003emessage_ids\u003c/code\u003e values. Successful exploitation allows the attacker to traverse the file system and potentially read sensitive files. An exploit is publicly available. The vulnerability is addressed in version 1.3.4, with patch \u003ccode\u003e638b162b26532e32fa8d8047f638537dbdfe197a\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable instance of mail-mcp-bridge running version 1.3.3 or earlier.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the endpoint that processes \u003ccode\u003emessage_ids\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eWithin the request, the attacker includes a \u003ccode\u003emessage_ids\u003c/code\u003e parameter containing path traversal sequences (e.g., \u003ccode\u003e../\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe server-side application, without proper validation, processes the manipulated \u003ccode\u003emessage_ids\u003c/code\u003e value.\u003c/li\u003e\n\u003cli\u003eThe application attempts to access a file path constructed using the attacker-controlled input.\u003c/li\u003e\n\u003cli\u003eDue to the path traversal sequences, the application accesses a file outside the intended directory.\u003c/li\u003e\n\u003cli\u003eThe application reads the contents of the traversed file.\u003c/li\u003e\n\u003cli\u003eThe attacker retrieves the contents of the file, gaining access to sensitive information.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker to read arbitrary files on the server. This could lead to the exposure of sensitive data such as configuration files, application source code, or user data. With a CVSS v3.1 base score of 7.3, this vulnerability poses a significant risk. The number of affected installations is unknown, but any instance of mail-mcp-bridge running a vulnerable version is susceptible to attack.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade fatbobman mail-mcp-bridge to version 1.3.4 or later to apply the patch \u003ccode\u003e638b162b26532e32fa8d8047f638537dbdfe197a\u003c/code\u003e that resolves CVE-2026-7386.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect mail-mcp-bridge Path Traversal Attempt\u0026rdquo; to identify exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eImplement input validation on the \u003ccode\u003emessage_ids\u003c/code\u003e parameter to prevent path traversal attacks in web applications, even after patching.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-29T16:16:29Z","date_published":"2026-04-29T16:16:29Z","id":"/briefs/2026-04-mail-mcp-bridge-path-traversal/","summary":"A path traversal vulnerability exists in fatbobman mail-mcp-bridge version 1.3.3 and earlier, allowing a remote attacker to read arbitrary files by manipulating the message_ids argument in the src/mail_mcp_server.py file.","title":"Path Traversal Vulnerability in mail-mcp-bridge","url":"https://feed.craftedsignal.io/briefs/2026-04-mail-mcp-bridge-path-traversal/"}],"language":"en","title":"CraftedSignal Threat Feed — Fatbobman","version":"https://jsonfeed.org/version/1.1"}