VYPR

npm package

@puchunjie/doc-tools-mcp

pkg:npm/%40puchunjie/doc-tools-mcp

Vulnerabilities (1)

  • CVE-2026-7738MedMay 4, 2026
    affected <= 1.0.18

    A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be laun