๐Ÿ” CVE Alert

CVE-2026-7728

MEDIUM 6.3

ryanjoachim mcp-rtfm MCP update_doc path traversal

CVSS Score: 6.3
EPSS Score: 0.0%
EPSS Percentile: 0th

A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. It affects the functions get_doc_content, read_doc and update_doc of the MCP Interface component. Manipulating the docFile argument leads to path traversal. The attack can be launched remotely. The exploit is publicly available and might be used. The patch is named e6f0686fc36012f78236e7fed172c81444904b0b. Applying the patch is the recommended way to resolve this issue.

CWE: CWE-22
Vendor: ryanjoachim
Product: mcp-rtfm
Published: May 4, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Affected Versions

ryanjoachim / mcp-rtfm
0.1.0

References

vuldb.com: https://vuldb.com/vuln/360903
vuldb.com: https://vuldb.com/vuln/360903/cti
vuldb.com: https://vuldb.com/submit/807538
github.com: https://github.com/ryanjoachim/mcp-rtfm/issues/5
github.com: https://github.com/BruceJqs/public_exp/issues/35
github.com: https://github.com/ryanjoachim/mcp-rtfm/commit/e6f0686fc36012f78236e7fed172c81444904b0b
github.com: https://github.com/ryanjoachim/mcp-rtfm/

Credits

๐Ÿ” BruceJqs (VulDB User)