CVE-2026-7237 - AgiFlow scaffold-mcp write-to-file Tool index.ts path traversal
CVE ID :CVE-2026-7237 Published : April 28, 2026, 6:45 a.m. | 1 hour, 17 minutes ago Description :A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of the component write
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] CVE-2026-7280 - eMPIA Technology|AVACAST - Unquoted Service Path
- [CYBER] Reflections on BlackHat Asia 2026 and Arsenal
- [CYBER] CVE-2026-7279 - eMPIA Technology|AVACAST - DLL Hijacking
- [CYBER] RansomHouse claims breach of a popular Cybersecurity Vendor, possibly Barracuda Networks
- [CYBER] CVE-2026-7264 - SourceCodester Pizzafy Ecommerce System ajax.php get_cart_items sql injection
- [CYBER] CVE-2026-41636 - Apache Thrift: Node.js skip() recursion