CVE-2026-7272
Published: 28 April 2026
Summary
CVE-2026-7272 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 20.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly addresses the path traversal vulnerability by requiring validation of the scriptPath input argument to block directory traversal manipulations in generate_matlab_code and execute_matlab_code functions.
Mandates timely remediation of the identified path traversal flaw in matlab-mcp-server up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca despite lack of project response.
Limits damage from successful scriptPath path traversal by enforcing least privilege on the MCP Interface process, restricting access to sensitive files outside intended directories.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal in network-exposed matlab-mcp-server component (scriptPath manipulation in generate/execute functions) directly enables remote exploitation of public-facing application (T1190) and facilitates unauthorized access to local system files/data (T1005).
NVD Description
A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument scriptPath can lead to path traversal. The…
more
attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Deeper analysisAI
CVE-2026-7272 is a path traversal vulnerability (CWE-22) in the WilliamCloudQi matlab-mcp-server project, affecting versions up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The flaw resides in the generate_matlab_code and execute_matlab_code functions within the src/index.ts file of the MCP Interface component. By manipulating the scriptPath argument, attackers can traverse directories and access unintended files or paths.
Remote attackers require no privileges (PR:N) or user interaction (UI:N) and face low attack complexity (AC:L) to exploit this issue over the network (AV:N). Successful exploitation grants low-level impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), resulting in a CVSS v3.1 base score of 7.3 with unchanged scope (S:U).
Advisories from sources like VulDB and GitHub issues indicate no patches or responses from the project maintainers despite early notification via an issue report. An exploit has been publicly disclosed, as referenced in related GitHub repositories and submissions.
The project remains unresponsive, with the exploit available for potential use in matlab-mcp-server deployments.
Details
- CWE(s)
AI Security AnalysisAI
- AI Category
- AI Agent Protocols and Integrations
- Risk Domain
- Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: mcp, mcp