CVEFinder.io

CVE-2026-15751

🔶 medium
🔍 Scan for this CVE
Summary

A security vulnerability has been detected in mastergo-design mastergo-magic-mcp up to 0.2.0. The affected element is the function execute of the file mastergo/component-workflow.md of the component mcp__getComponentGenerator. The manipulation of the argument rootPath leads to path traversal. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Score
5.3
Medium
EPSS Score
-
Published Date
2026-07-14
First Seen: 2026-07-15
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 19.6% of all 335,187 vulnerabilities in our database.

#269,587
Below average severity
Severity Percentile
Last Modified 2026-07-14
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVSS Vector 4.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE IDs (Weakness Types)

📦 Affected Products 0

No affected products information available

🔗 References 6