CVE-2026-7319

High

Published: 28 April 2026

Published

28 April 2026

Modified

29 April 2026

KEV Added

—

Patch

—

CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0010 27.6th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-7319 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 27.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Requires validation of the 'context' argument in _get_context_file_path to block path traversal sequences like '../', directly preventing remote exploitation.

SI-2 Flaw Remediation good match

prevent

Mandates timely identification, reporting, and correction of the path traversal flaw in elinsky execution-system-mcp 0.1.0 server.py.

SI-9 Information Input Restrictions good match

prevent

Enforces restrictions on inputs to the 'context' argument, prohibiting traversal characters and limiting manipulation in the add_action Tool component.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

Path traversal in public-facing server component enables remote unauthenticated exploitation (T1190) and direct unauthorized file access for local data collection (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely.…

The exploit has been published and may be used.

Deeper analysisAI

CVE-2026-7319 is a path traversal vulnerability (CWE-22) affecting elinsky execution-system-mcp version 0.1.0. The flaw exists in the _get_context_file_path function located in the file src/execution_system_mcp/server.py within the add_action Tool component. Manipulation of the 'context' argument triggers the path traversal issue.

The vulnerability carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), rated as high severity. Remote attackers can exploit it without privileges or user interaction, requiring only low attack complexity over the network. Successful exploitation enables limited impacts on confidentiality, integrity, and availability through path traversal.

Advisories and further details are available in the project's GitHub repository at https://github.com/elinsky/execution-system-mcp/ and issue tracker at https://github.com/elinsky/execution-system-mcp/issues/1, along with VulDB entries such as https://vuldb.com/vuln/359972 and https://vuldb.com/vuln/359972/cti. The exploit has been published and may be used.