Cyber Posture

CVE-2026-7788

High

Published: 05 May 2026

Published
05 May 2026
Modified
05 May 2026
KEV Added
Patch
CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0005 13.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of the argument DOCS_DIR/path results in path traversal. The attack may be initiated remotely.…

more

The exploit has been released to the public and may be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SI-10 Information Input Validation
addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

Security SummaryAI

CVE-2026-7788 is a path traversal vulnerability (CWE-22) affecting Axle-Bucamp MCP-Docusaurus up to commit 404bc028e15ec304c9a045528560f4b5f27a17e0. The flaw resides in the update_document, continue_document, delete_document, and get_content functions within the file app/routes/document.py, where manipulation of the DOCS_DIR/path argument enables traversal outside intended directories. This issue was published on 2026-05-05 and carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), rated as high severity.

Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling unauthorized read, write, or deletion of files outside the intended document directory.

Advisories note that the project uses a rolling release model, providing no specific affected or patched version details. The developers were informed early via GitHub issue #2 but have not responded. An exploit is publicly available, increasing risk. Relevant resources include the project repository at https://github.com/Axle-Bucamp/MCP-Docusaurus/, the issue tracker at https://github.com/Axle-Bucamp/MCP-Docusaurus/issues/2, and VulDB entries at https://vuldb.com/vuln/360994 and related pages.

Details

CWE(s)
CWE-22

AI Security AnalysisAI

AI Category
AI Agent Protocols and Integrations
Risk Domain
Protocol-Specific Risks
OWASP Top 10 for LLMs 2025
None mapped
MITRE ATLAS Techniques
None mapped
Classification Reason
Matched keywords: mcp

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
attack.mitre.org →
T1070.004 File Deletion Stealth
Adversaries may delete files left behind by the actions of their intrusion activity.
attack.mitre.org →
T1105 Ingress Tool Transfer Command And Control
Adversaries may transfer tools or other files from an external system into a compromised environment.
attack.mitre.org →
Why these techniques?

Path traversal in public-facing document management functions directly enables remote file read (T1005), deletion (T1070.004), arbitrary write for tool ingress (T1105), and initial access via exploitation of the exposed app (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

References