VYPR

scaffold-mcp

by AgiFlow

Source repositories

CVEs (1)

  • CVE-2026-7237HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of the component write-to-file Tool. The manipulation of the argument file_path results in path…