CVE-2026-7159
Published: 27 April 2026
Summary
CVE-2026-7159 is a medium-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 5.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its exploit likelihood ranks at the 27.1 percentile (below the median), and it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related: it is categorised under AI Agent Protocols and Integrations, within the Protocol-Specific Risks domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-7159 is a path traversal vulnerability (CWE-22) discovered in the douinc mkdocs-mcp-plugin up to version 0.4.1. The issue resides in the read_document and list_documents functions within the server.py file, where attackers can manipulate the docs_dir or file_path arguments to traverse outside the intended directory boundaries.
The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), making it exploitable remotely by unauthenticated attackers with low complexity and no user interaction required. Exploitation enables limited impacts on confidentiality, integrity, and availability, potentially allowing attackers to access, modify, or disrupt files based on the permissions of the affected server process.
Advisories note that the exploit has been made public and is available for use. The vendor has confirmed that a fix will be published within a few days. Additional details are documented in the project's GitHub repository, including issue #6 and related comments, as well as VulDB entries.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-25926
Vulnerability details
A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. It affects the functions read_document and list_documents of the file server.py. Manipulating the argument docs_dir or file_path results in path traversal. The attack can be carried out remotely. The exploit has been made public and could be used. The vendor confirms that the "fix will be published within a few days."
- CWE(s): CWE-22 (Path Traversal)
AI Security Analysis
- AI Category: AI Agent Protocols and Integrations
- Risk Domain: Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: mcp
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal in the public-facing server.py functions directly enables remote exploitation of the application (Exploit Public-Facing Application, T1190) and unauthorized reading and listing of local files and directories outside the intended boundaries (Data from Local System, T1005; File and Directory Discovery, T1083).
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly remediates the path traversal flaw in mkdocs-mcp-plugin by applying the vendor patches to the server.py functions.
- SI-10 (Information Input Validation): validates the manipulated docs_dir and file_path inputs to block directory traversal sequences such as '../'.
- Least privilege: runs the server process with the minimum permissions needed, limiting access to files outside the intended directories even if a traversal succeeds.
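As an added example (not code from the mkdocs-mcp-plugin project), the block below shows what the SI-10 input-validation control looks like for a read_document/list_documents pair of the kind described on this page: the docs root is fixed by server configuration rather than taken from the tool call, every requested path is canonicalised and then tested for containment inside that root, and absolute paths, '../' sequences, sibling-directory prefix collisions and symlinks that point outside the root are all refused. The function names resolve_within, build_fixture and probe, the sample directory tree and the sample requests are constructed for illustration and are not from the affected project.

```python
"""Path confinement for a document-serving tool (added example, not the plugin's code).

All names, the sample directory tree and the sample requests below are constructed
assumptions for illustration; none are taken from the mkdocs-mcp-plugin project.
"""
from __future__ import annotations

import os
import tempfile
from pathlib import Path


class PathOutsideRoot(ValueError):
    """Raised when a requested path resolves outside the configured docs root."""


def resolve_within(docs_dir: str | os.PathLike, requested: str) -> Path:
    """Return the real path of `requested` if and only if it lies inside docs_dir.

    docs_dir should come from server configuration, never from the caller.
    - The root is canonicalised (symlinks followed) so the comparison is made
      against the directory that is actually served.
    - The request is joined to the root and canonicalised too, which collapses
      '../' sequences and follows symlinks *before* the containment test.
    - Containment uses Path.relative_to, not string prefixing, so a sibling such
      as '/srv/docs_private' is not accepted for root '/srv/docs'.
    """
    root = Path(docs_dir).resolve()
    # Reject absolute input outright: Path(root, "/etc/hosts") would discard root.
    if Path(requested).is_absolute():
        raise PathOutsideRoot(f"absolute paths are not allowed: {requested!r}")
    candidate = (root / requested).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        raise PathOutsideRoot(f"{requested!r} resolves outside {root}") from None
    return candidate


def read_document(docs_dir: str | os.PathLike, file_path: str) -> str:
    """Hardened read: confine the path, then require a regular file."""
    target = resolve_within(docs_dir, file_path)
    if not target.is_file():
        raise FileNotFoundError(file_path)
    return target.read_text(encoding="utf-8")


def list_documents(docs_dir: str | os.PathLike, subdir: str = ".") -> list[str]:
    """Hardened listing: confine the directory, return paths relative to the root."""
    root = Path(docs_dir).resolve()
    target = resolve_within(docs_dir, subdir)
    if not target.is_dir():
        raise NotADirectoryError(subdir)
    return sorted(str(p.relative_to(root)) for p in target.rglob("*.md"))


def build_fixture() -> tuple[str, str, bool]:
    """Create a constructed docs tree plus a sibling secret outside it.

    Returns (docs_dir, secret_path, symlink_created). Layout:
        <tmp>/docs/index.md
        <tmp>/docs/guide/setup.md
        <tmp>/docs/escape -> <tmp>/secret.txt   (symlink pointing outside root)
        <tmp>/secret.txt
    """
    base = Path(tempfile.mkdtemp(prefix="mcp-docs-"))
    docs = base / "docs"
    (docs / "guide").mkdir(parents=True)
    (docs / "index.md").write_text("# Home\n", encoding="utf-8")
    (docs / "guide" / "setup.md").write_text("# Setup\n", encoding="utf-8")
    secret = base / "secret.txt"
    secret.write_text("not for the agent\n", encoding="utf-8")
    try:
        (docs / "escape").symlink_to(secret)
        symlink_created = True
    except OSError:
        symlink_created = False  # platform may disallow symlinks; other cases still run
    return str(docs), str(secret), symlink_created


def probe(docs_dir: str, requests: list[str]) -> dict[str, str]:
    """Run constructed requests through read_document and record each outcome."""
    outcome: dict[str, str] = {}
    for req in requests:
        try:
            read_document(docs_dir, req)
            outcome[req] = "allowed"
        except PathOutsideRoot:
            outcome[req] = "blocked"
        except (FileNotFoundError, NotADirectoryError):
            outcome[req] = "missing"
    return outcome


if __name__ == "__main__":
    docs_dir, secret, _ = build_fixture()
    sample = ["index.md", "guide/setup.md", "../secret.txt",
              "guide/../../secret.txt", secret, "escape", "nope.md"]
    for req, result in probe(docs_dir, sample).items():
        print(f"{result:8} {req}")
    print(list_documents(docs_dir))
```

The order of operations is the point: resolving first and comparing second means the check judges where a request really lands on disk, so a symlink planted inside the served tree is caught by the same test as a plain '../' sequence. Keeping docs_dir out of the tool's argument list removes the second manipulation path the advisory describes.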