VYPR
Vendor

MCP

Products
1
CVEs
1
Across products
1
Status
Private

Products

1

Recent CVEs

1
  • CVE-2026-47388lowJun 5, 2026
    risk 0.07cvss epss 0.00

    ### Summary A low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP `readAttachment` tool did not verify the file's ownership. ### Details The MCP…