Search
Find a vulnerability
Search criteria
6 vulnerabilities found for markdownify-mcp by zcaceres
CVE-2026-14702 (GCVE-0-2026-14702)
Vulnerability from nvd – Published: 2026-07-05 04:00 – Updated: 2026-07-06 17:49
VLAI
EPSS
VEX
Title
zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values
Summary
A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376298 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376298/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14702 | third-party-advisory |
| https://vuldb.com/submit/846942 | third-party-advisory |
| https://github.com/zcaceres/markdownify-mcp/issues/110 | exploitissue-tracking |
| https://github.com/zcaceres/markdownify-mcp/pull/111 | issue-trackingpatch |
| https://github.com/zcaceres/markdownify-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
1.0
Affected: 1.1.0 cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-14702",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T17:49:37.877689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T17:49:57.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:*"
],
"modules": [
"webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown"
],
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem0000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T04:00:08.361Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376298 | zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376298"
},
{
"name": "VDB-376298 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376298/cti"
},
{
"name": "CVE-2026-14702 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14702"
},
{
"name": "Submit #846942 | zcaceres markdownify-mcp / mcp-markdownify-server up to 1.1.0 CWE-59: Improper Link Resolution Before File Access (\u0027Link Follo",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846942"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/zcaceres/markdownify-mcp/issues/110"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/zcaceres/markdownify-mcp/pull/111"
},
{
"tags": [
"product"
],
"url": "https://github.com/zcaceres/markdownify-mcp/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:33:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14702",
"datePublished": "2026-07-05T04:00:08.361Z",
"dateReserved": "2026-07-04T05:28:34.112Z",
"dateUpdated": "2026-07-06T17:49:57.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-14699 (GCVE-0-2026-14699)
Vulnerability from nvd – Published: 2026-07-05 03:15 – Updated: 2026-07-06 16:21
VLAI
EPSS
VEX
Title
zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink
Summary
A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376295 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376295/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14699 | third-party-advisory |
| https://vuldb.com/submit/846864 | third-party-advisory |
| https://github.com/zcaceres/markdownify-mcp/issues/108 | issue-tracking |
| https://github.com/zcaceres/markdownify-mcp/pull/109 | issue-trackingpatch |
| https://github.com/zcaceres/markdownify-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
1.0
Affected: 1.1.0 cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-14699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T16:20:52.255822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T16:21:02.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:*"
],
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "Symlink Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Link Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:15:08.112Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376295 | zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376295"
},
{
"name": "VDB-376295 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376295/cti"
},
{
"name": "CVE-2026-14699 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14699"
},
{
"name": "Submit #846864 | zcaceres markdownify-mcp / mcp-markdownify-server up to 1.1.0 CWE-59: Improper Link Resolution Before File Access (\u0027Link Follo",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846864"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/zcaceres/markdownify-mcp/issues/108"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/zcaceres/markdownify-mcp/pull/109"
},
{
"tags": [
"product"
],
"url": "https://github.com/zcaceres/markdownify-mcp/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:27:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14699",
"datePublished": "2026-07-05T03:15:08.112Z",
"dateReserved": "2026-07-04T05:22:43.104Z",
"dateUpdated": "2026-07-06T16:21:02.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58358 (GCVE-0-2025-58358)
Vulnerability from nvd – Published: 2025-09-04 00:34 – Updated: 2025-09-04 17:55
VLAI
EPSS
VEX
Title
Markdownify is vulnerable to command injection through pptx-to-markdown tool
Summary
Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This issue is fixed in version 0.0.2.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zcaceres/markdownify-mcp/secur… | x_refsource_CONFIRM |
| https://github.com/zcaceres/markdownify-mcp/commi… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
< 0.0.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58358",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T17:54:31.968067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T17:55:09.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "\u003c 0.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process\u0027s privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, \u003e, \u0026\u0026, etc.). This issue is fixed in version 0.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T00:34:33.819Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zcaceres/markdownify-mcp/security/advisories/GHSA-45qj-4xq3-3c45",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zcaceres/markdownify-mcp/security/advisories/GHSA-45qj-4xq3-3c45"
},
{
"name": "https://github.com/zcaceres/markdownify-mcp/commit/a31204de058b22a47e1dcc24508993cfe97e5bb3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zcaceres/markdownify-mcp/commit/a31204de058b22a47e1dcc24508993cfe97e5bb3"
}
],
"source": {
"advisory": "GHSA-45qj-4xq3-3c45",
"discovery": "UNKNOWN"
},
"title": "Markdownify is vulnerable to command injection through pptx-to-markdown tool"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58358",
"datePublished": "2025-09-04T00:34:33.819Z",
"dateReserved": "2025-08-29T16:19:59.010Z",
"dateUpdated": "2025-09-04T17:55:09.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-14702 (GCVE-0-2026-14702)
Vulnerability from cvelistv5 – Published: 2026-07-05 04:00 – Updated: 2026-07-06 17:49
VLAI
EPSS
VEX
Title
zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values
Summary
A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376298 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376298/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14702 | third-party-advisory |
| https://vuldb.com/submit/846942 | third-party-advisory |
| https://github.com/zcaceres/markdownify-mcp/issues/110 | exploitissue-tracking |
| https://github.com/zcaceres/markdownify-mcp/pull/111 | issue-trackingpatch |
| https://github.com/zcaceres/markdownify-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
1.0
Affected: 1.1.0 cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-14702",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T17:49:37.877689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T17:49:57.657Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:*"
],
"modules": [
"webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown"
],
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem0000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T04:00:08.361Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376298 | zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376298"
},
{
"name": "VDB-376298 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376298/cti"
},
{
"name": "CVE-2026-14702 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14702"
},
{
"name": "Submit #846942 | zcaceres markdownify-mcp / mcp-markdownify-server up to 1.1.0 CWE-59: Improper Link Resolution Before File Access (\u0027Link Follo",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846942"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/zcaceres/markdownify-mcp/issues/110"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/zcaceres/markdownify-mcp/pull/111"
},
{
"tags": [
"product"
],
"url": "https://github.com/zcaceres/markdownify-mcp/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:33:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "zcaceres markdownify-mcp webpage-to-markdown Markdownify.ts saveToTempFile random values"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14702",
"datePublished": "2026-07-05T04:00:08.361Z",
"dateReserved": "2026-07-04T05:28:34.112Z",
"dateUpdated": "2026-07-06T17:49:57.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-14699 (GCVE-0-2026-14699)
Vulnerability from cvelistv5 – Published: 2026-07-05 03:15 – Updated: 2026-07-06 16:21
VLAI
EPSS
VEX
Title
zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink
Summary
A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/376295 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/376295/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-14699 | third-party-advisory |
| https://vuldb.com/submit/846864 | third-party-advisory |
| https://github.com/zcaceres/markdownify-mcp/issues/108 | issue-tracking |
| https://github.com/zcaceres/markdownify-mcp/pull/109 | issue-trackingpatch |
| https://github.com/zcaceres/markdownify-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
1.0
Affected: 1.1.0 cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-14699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-06T16:20:52.255822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T16:21:02.273Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:zcaceres:markdownify-mcp:*:*:*:*:*:*:*:*"
],
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "1.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem000000 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in zcaceres markdownify-mcp up to 1.1.0. The affected element is the function assertPathAllowed of the file src/Markdownify.ts. Executing a manipulation can lead to symlink following. The attack can only be executed locally. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "Symlink Following",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Link Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-05T03:15:08.112Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-376295 | zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/376295"
},
{
"name": "VDB-376295 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/376295/cti"
},
{
"name": "CVE-2026-14699 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-14699"
},
{
"name": "Submit #846864 | zcaceres markdownify-mcp / mcp-markdownify-server up to 1.1.0 CWE-59: Improper Link Resolution Before File Access (\u0027Link Follo",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/846864"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/zcaceres/markdownify-mcp/issues/108"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/zcaceres/markdownify-mcp/pull/109"
},
{
"tags": [
"product"
],
"url": "https://github.com/zcaceres/markdownify-mcp/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-07-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-07-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-07-04T07:27:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "zcaceres markdownify-mcp Markdownify.ts assertPathAllowed symlink"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-14699",
"datePublished": "2026-07-05T03:15:08.112Z",
"dateReserved": "2026-07-04T05:22:43.104Z",
"dateUpdated": "2026-07-06T16:21:02.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-58358 (GCVE-0-2025-58358)
Vulnerability from cvelistv5 – Published: 2025-09-04 00:34 – Updated: 2025-09-04 17:55
VLAI
EPSS
VEX
Title
Markdownify is vulnerable to command injection through pptx-to-markdown tool
Summary
Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This issue is fixed in version 0.0.2.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/zcaceres/markdownify-mcp/secur… | x_refsource_CONFIRM |
| https://github.com/zcaceres/markdownify-mcp/commi… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| zcaceres | markdownify-mcp |
Affected:
< 0.0.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58358",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-04T17:54:31.968067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T17:55:09.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "markdownify-mcp",
"vendor": "zcaceres",
"versions": [
{
"status": "affected",
"version": "\u003c 0.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process\u0027s privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, \u003e, \u0026\u0026, etc.). This issue is fixed in version 0.0.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-04T00:34:33.819Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/zcaceres/markdownify-mcp/security/advisories/GHSA-45qj-4xq3-3c45",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zcaceres/markdownify-mcp/security/advisories/GHSA-45qj-4xq3-3c45"
},
{
"name": "https://github.com/zcaceres/markdownify-mcp/commit/a31204de058b22a47e1dcc24508993cfe97e5bb3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zcaceres/markdownify-mcp/commit/a31204de058b22a47e1dcc24508993cfe97e5bb3"
}
],
"source": {
"advisory": "GHSA-45qj-4xq3-3c45",
"discovery": "UNKNOWN"
},
"title": "Markdownify is vulnerable to command injection through pptx-to-markdown tool"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58358",
"datePublished": "2025-09-04T00:34:33.819Z",
"dateReserved": "2025-08-29T16:19:59.010Z",
"dateUpdated": "2025-09-04T17:55:09.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}