CVE-2026-7149: Dexhunter Kaggle-MCP Path Traversal Vulnerability Disclosed

/HIGH /CVSS 7.3/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severitypath-traversalcwe-22
CVE-2026-7149: Dexhunter Kaggle-MCP Path Traversal Vulnerability Disclosed

The National Vulnerability Database has disclosed CVE-2026-7149, a high-severity path traversal vulnerability impacting dexhunter kaggle-mcp up to version 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This flaw, rated with a CVSS score of 7.3, allows remote attackers to manipulate the competition_id argument within the prepare_kaggle_dataset function in src/kaggle_mcp/server.py.

This vulnerability is particularly dangerous because it is remotely exploitable and its exploit code has been publicly disclosed. Attackers can leverage this path traversal to access or create files outside of intended directories, potentially leading to information disclosure, arbitrary file writes, or even remote code execution depending on the server’s configuration and permissions. The project maintains a rolling release strategy, meaning specific affected versions are not precisely defined, making it harder for defenders to track.

Despite early notification via an issue report, the project has not yet responded. This lack of communication leaves users exposed to a known, actively exploitable vulnerability. Defenders should assume active exploitation given the public disclosure and the ease of attack.

What This Means For You

  • If your organization utilizes dexhunter kaggle-mcp, you are directly exposed to CVE-2026-7149. The public exploit disclosure means this isn't theoretical; attackers are already probing for this. Immediately assess your deployments for this software. If found, isolate affected systems and prepare for potential data exfiltration or unauthorized file modification. Without a patch, the risk remains critical.

Related ATT&CK Techniques

T1190 Exploit Public-Facing Application Initial Access T1071.001 Web Protocols Initial Access T1552.001 Credentials In Files Credential Access

🛡️ Detection Rules

3 rules · 6 SIEM formats

3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1190 Initial Access

CVE-2026-7149: Dexhunter Kaggle-MCP Path Traversal Attempt

Sigma YAML — free preview 
title: CVE-2026-7149: Dexhunter Kaggle-MCP Path Traversal Attempt
id: scw-2026-04-27-ai-1
status: experimental
level: high
description: |
  Detects attempts to exploit the CVE-2026-7149 vulnerability in dexhunter kaggle-mcp. The rule specifically looks for requests to the '/prepare_kaggle_dataset' endpoint with a 'competition_id' parameter containing directory traversal sequences ('../'). This indicates an attempt to access files outside of the intended directory.
author: SCW Feed Engine (AI-generated)
date: 2026-04-27
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7149/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
    category: webserver
detection:
  selection:
      cs-uri|contains:
          - '/prepare_kaggle_dataset?competition_id='
      cs-uri|contains:
          - '../'
  condition: cs-uri
falsepositives:
  - Legitimate administrative activity

Source: Shimi's Cyber World · License & reuse

✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Indicators of Compromise

IDTypeIndicator
CVE-2026-7149 Path Traversal dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d
CVE-2026-7149 Path Traversal Vulnerable function: prepare_kaggle_dataset in src/kaggle_mcp/server.py
CVE-2026-7149 Path Traversal Manipulation of argument: competition_id

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 27, 2026 at 22:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related coverage

CVE-2026-7153: Critical OS Command Injection in Totolink A8000RU Routers

CVE-2026-7153 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7152)

CVE-2026-7152 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

Tenda HG3 2.0 Router Vulnerability: Remote Stack Buffer Overflow

CVE-2026-7151 — A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma