ef10007 MLOps_MCP Path Traversal (CVE-2026-7213) Publicly Exploitable
A critical path traversal vulnerability, CVE-2026-7213, has been identified in ef10007 MLOps_MCP version 1.0.0. This flaw, rated 7.3 (HIGH) by the National Vulnerability Database, stems from improper handling of the filename/destination argument within the save_file Tool component’s fastmcp_server.py file. The attack can be executed remotely without authentication.
The National Vulnerability Database notes that an exploit for CVE-2026-7213 is now publicly available, dramatically increasing the risk of active exploitation. This means attackers can manipulate file paths to write or read arbitrary files outside the intended directory, potentially leading to remote code execution or sensitive data exposure. Despite early notification via an issue report, the project maintainers have not yet responded or released a patch.
This vulnerability, categorized as CWE-22 (Path Traversal), exposes MLOps environments to significant compromise. The lack of a vendor response, coupled with a public exploit, creates an immediate and severe threat. Defenders must assume this vulnerability is actively being scanned for and exploited in the wild.
What This Means For You
- If your organization uses ef10007 MLOps_MCP 1.0.0, you are directly exposed to a publicly exploited path traversal vulnerability. Assume compromise and audit your MLOps environments immediately. Isolate affected systems, restrict network access, and prepare for incident response. Given the lack of a vendor patch, mitigating this will require significant architectural controls or a complete halt of affected services.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-7213 - MLOps_MCP Path Traversal via save_file Tool
title: CVE-2026-7213 - MLOps_MCP Path Traversal via save_file Tool
id: scw-2026-04-28-ai-1
status: experimental
level: critical
description: |
Detects attempts to exploit CVE-2026-7213 in ef10007 MLOps_MCP by targeting the save_file tool with a path traversal payload in the 'filename' parameter. This indicates an attempt to access or modify files outside the intended directory.
author: SCW Feed Engine (AI-generated)
date: 2026-04-28
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-7213/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/save_file'
cs-uri-query|contains:
- 'filename=../'
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7213 | Path Traversal | ef10007 MLOps_MCP 1.0.0 |
| CVE-2026-7213 | Path Traversal | Vulnerable component: save_file Tool |
| CVE-2026-7213 | Path Traversal | Vulnerable file: fastmcp_server.py |
| CVE-2026-7213 | Path Traversal | Manipulation of argument: filename/destination |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 05:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7218: Totolink N300RT Buffer Overflow Exploited Remotely
CVE-2026-7218 — A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so....
CVE-2026-7217 — Deepractice PromptX Path Traversal
CVE-2026-7217 — A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-office/src/index.ts...
CVE-2026-7216: donchelo processing-claude-mcp-bridge Path Traversal
CVE-2026-7216 — A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the component...