CVE Catalog

CVE-2026-14699

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

3th percentile — higher than 3% of all known CVEs

Summary

A vulnerability has been discovered in zcaceres markdownify-mcp up to version 1.1.0, involving symlink following in the assertPathAllowed function of src/Markdownify.ts. The attack can only be executed locally.

Risk Assessment

An attacker with local access could exploit symlink manipulation to access files outside the intended directory, potentially leading to unauthorized data read or write.

Recommendation

Update the library to the latest version once the fix is released, or apply temporary mitigations such as restricting filesystem access for the process running markdownify-mcp.

Original NVD description (English source)

A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS