CVE-2026-7149
Published: 27 April 2026
Summary
CVE-2026-7149 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 18.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates path traversal by requiring validation of the competition_id argument to reject malicious traversal sequences like '../'.
Requires timely identification and remediation of the path traversal flaw in the prepare_kaggle_dataset function of kaggle-mcp.
Enables vulnerability scanning to identify deployments of vulnerable kaggle-mcp versions up to commit 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal in publicly accessible server.py function directly enables remote exploitation of public-facing application (T1190) and facilitates unauthorized file read access on local system (T1005).
NVD Description
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare_kaggle_dataset of the file src/kaggle_mcp/server.py. The manipulation of the argument competition_id leads to path traversal. The attack is possible to be carried out remotely.…
more
The exploit has been disclosed to the public and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.
Deeper analysisAI
CVE-2026-7149 is a path traversal vulnerability (CWE-22) discovered in the dexhunter kaggle-mcp project, affecting the prepare_kaggle_dataset function in the file src/kaggle_mcp/server.py. The issue arises from improper handling of the competition_id argument, allowing attackers to manipulate it and traverse to unintended paths. It impacts versions up to the commit 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. The project follows a rolling release strategy, so specific affected or patched versions are not defined.
The vulnerability has a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating it can be exploited remotely over the network by unauthenticated attackers with low complexity and no user interaction required. Successful exploitation enables limited impacts on confidentiality, integrity, and availability, such as reading, writing, or modifying files outside the intended directory via path traversal.
Advisories from VulDB and the project's GitHub repository note that the vulnerability was reported early via issue #1, but the maintainers have not yet responded. No patches or mitigations are specified due to the rolling release model; security practitioners should monitor the repository at https://github.com/dexhunter/kaggle-mcp/ and issue tracker at https://github.com/dexhunter/kaggle-mcp/issues/1 for updates. The exploit has been publicly disclosed and is available for use.
In context, dexhunter kaggle-mcp relates to handling Kaggle datasets, which may involve machine learning workflows, though no real-world exploitation in the wild has been reported as of the CVE publication on 2026-04-27.
Details
- CWE(s)
AI Security AnalysisAI
- AI Category
- AI Agent Protocols and Integrations
- Risk Domain
- Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: mcp