path-traversal

MCP Path Traversal: One Vulnerability, Dozens of Servers

This content details a critical "Path Traversal" vulnerability (CVE-2026-40576 and others) affecting dozens of MCP servers, allowing unauthenticated attackers to read, write, or overwrite arbitrary files. The flaw is described as a structural property in how these servers are built, with approximately 82% of MCP servers with file operations being susceptible.