- Description
- Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01 to resolve the issue.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- security-advisories@github.com
- CWE-59
🚨 Excited to share two high-severity CVEs I discovered in Anthropic’s MCP Filesystem Server: • CVE-2025-53110 — Directory Containment Bypass (7.3) • CVE-2025-53109 — Symlink Bypass to Code Execution (8.4) Full technical details: 👉 https://t.co/CUwkAlmlAa
@EladBeber
2 Jul 2025
CVE-2025-53109 - Path validation bypass via symlink handling in modelcontextprotocol/servers MCP Servers. https://t.co/TnqBMPJ1OL https://t.co/TlewzfcGZU https://t.co/FQTddFZt9t
@gothburz
2 Jul 2025
CVE-2025-53109 Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 c… https://t.co/5hMjBACUlA
@CVEnew
2 Jul 2025