VYPR

npm package

fast-filesystem-mcp

pkg:npm/fast-filesystem-mcp

Vulnerabilities (2)

  • CVE-2026-5327MedApr 2, 2026
    affected <= 3.5.0

    A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The explo

  • CVE-2025-67364Jan 7, 2026
    affected <= 3.4.0

    fast-filesystem-mcp version 3.4.0 contains a critical path traversal vulnerability in its file operation tools including fast_read_file. This vulnerability arises from improper path validation that fails to resolve symbolic links to their actual physical paths. The safePath and i