Excel-MCP-Server Path Traversal: Critical Flaw Exposes File System
The National Vulnerability Database has identified a critical path traversal vulnerability, CVE-2026-40576, in the excel-mcp-server, a tool designed for Excel file manipulation. Versions up to and including 0.1.7 are affected. When configured for remote access via SSE or Streamable-HTTP, an unauthenticated attacker can exploit this flaw to read, write, or overwrite arbitrary files on the host system. The vulnerability stems from flaws in the get_excel_path() function, which fails to properly validate absolute paths and incorrectly joins relative paths, bypassing intended directory restrictions set by the EXCEL_FILES_PATH environment variable. The default configuration, binding to all interfaces (0.0.0.0) and lacking authentication, makes exploitation trivial for network-based attackers.
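The advisory describes two distinct defects in path handling: an absolute input is accepted as-is, and a relative input is joined without checking where the result lands. The block below is an added illustration, not code from excel-mcp-server: `weak_get_excel_path` reconstructs the unsafe pattern the advisory describes (a bare `os.path.join`, which discards the base directory whenever its second argument is absolute and never rejects `..` segments), and `safe_get_excel_path` shows the hardened resolution a maintainer would want in its place. The base directory `/srv/excel-files` and the `.xlsx`/`.xlsm` allow-list are constructed assumptions standing in for the real `EXCEL_FILES_PATH` value and file types.

```python
import os
from pathlib import Path

# Constructed stand-in for the EXCEL_FILES_PATH environment variable;
# a real service would read os.environ["EXCEL_FILES_PATH"].
BASE_DIR = Path("/srv/excel-files")

# File types the service is meant to handle (assumption for this example).
ALLOWED_SUFFIXES = {".xlsx", ".xlsm"}


def weak_get_excel_path(filename: str, base: Path = BASE_DIR) -> str:
    """Reconstruction of the unsafe pattern described in the advisory.

    os.path.join drops every earlier component once it meets an absolute
    argument, and it performs no normalisation, so '..' segments survive.
    Nothing here checks that the result is still inside `base`.
    """
    return os.path.join(str(base), filename)


def safe_get_excel_path(filename: str, base: Path = BASE_DIR) -> Path:
    """Hardened resolver (added here, not the project's own code).

    1. Refuse absolute inputs outright instead of letting join() swallow the base.
    2. Resolve the joined path so '..' and symlinks are collapsed before checking.
    3. Require the resolved path to remain under the resolved base directory.
    4. Restrict the file type to the workbook extensions the tool actually serves.
    """
    if os.path.isabs(filename) or Path(filename).is_absolute():
        raise ValueError("absolute paths are not allowed")

    base_resolved = base.resolve()
    candidate = (base_resolved / filename).resolve()

    # relative_to() raises ValueError when candidate is not inside base_resolved,
    # which is exactly the containment check that was missing.
    try:
        candidate.relative_to(base_resolved)
    except ValueError:
        raise ValueError("path escapes the configured EXCEL_FILES_PATH") from None

    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError("only Excel workbooks are permitted")

    return candidate


def is_confined(filename: str, base: Path = BASE_DIR) -> bool:
    """True when the hardened resolver accepts the name, False when it rejects it."""
    try:
        safe_get_excel_path(filename, base)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed inputs: the same names go through both resolvers so the
    # difference in behaviour is visible side by side.
    for name in ["q1.xlsx", "reports/../q1.xlsx", "../outside.xlsx", "/etc/hostname", "notes.txt"]:
        print(f"{name!r:28} weak -> {weak_get_excel_path(name)!r:32} confined -> {is_confined(name)}")
```

The containment check has to run on the resolved path, not the raw string: a name such as `reports/../q1.xlsx` is legitimate once normalised, while `../outside.xlsx` normalises to a location above the base and is refused. Rejecting absolute inputs before joining is a separate step because `os.path.join` and `Path.__truediv__` both silently replace the base when given one.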
This vulnerability presents a significant risk as it allows attackers to compromise the integrity and confidentiality of the server’s host system. The ability to write arbitrary files could lead to code execution, while reading sensitive files could expose critical data. Defenders must prioritize patching or upgrading excel-mcp-server instances to version 0.1.8, where this vulnerability is fixed. For systems that cannot be immediately patched, network segmentation and strict firewall rules should be implemented to limit access to the excel-mcp-server’s network interfaces, especially if it is exposed to untrusted networks.
What This Means For You
- If your organization utilizes the excel-mcp-server, immediately verify that you are running version 0.1.8 or later. If you are on an older version, prioritize upgrading or implement strict network access controls to prevent external access to the service.
🛡️ Detection Rules
CVE-2026-40576 - Excel-MCP-Server Path Traversal - File Read
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-40576 | Vulnerability | CVE-2026-40576 |
| CVE-2026-40576 | Affected Product | excel-mcp-server |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 21, 2026 at 20:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.