CVE-2026-40576
published 2026-04-21CVE-2026-40576: excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and…
PriorityP266critical9.4CVSS 3.1
AVNACLPRNUINSUCLIHAH
EPSS
0.39%
30.9th percentile
excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including 0.1.7. When running in SSE or Streamable-HTTP transport mode (the documented way to use this server remotely), an unauthenticated attacker on the network can read, write, and overwrite arbitrary files on the host filesystem by supplying crafted filepath arguments to any of the 25 exposed MCP tool handlers. The server is intended to confine file operations to a directory set by the EXCEL_FILES_PATH environment variable. The function responsible for enforcing this boundary — get_excel_path() — fails to do so due to two independent flaws: it passes absolute paths through without any check, and it joins relative paths without resolving or validating the result. Combined with zero authentication on the default network-facing transport and a default bind address of 0.0.0.0 (all interfaces), this allows trivial remote exploitation. This vulnerability is fixed in 0.1.8.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| haris-musa | excel-mcp-server | < 0.1.8 | 0.1.8 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
haris-musa excel-mcp-server up to 0.1.7 get_excel_path filepath path traversal (GHSA-j98m-w3xp-9f56)
vuldb·2026-04-21·CVSS 9.4
CVE-2026-40576 [CRITICAL] haris-musa excel-mcp-server up to 0.1.7 get_excel_path filepath path traversal (GHSA-j98m-w3xp-9f56)
A vulnerability categorized as critical has been discovered in haris-musa excel-mcp-server up to 0.1.7. This affects the function get_excel_path. Such manipulation of the argument filepath leads to path traversal.
This vulnerability is referenced as CVE-2026-40576. It is possible to launch the attack remotely. No exploit is available.
It is advisable to upgrade the affected component.
GHSA
excel-mcp-server has a Path Traversal issue
ghsa·2026-04-14
CVE-2026-40576 [CRITICAL] CWE-22 excel-mcp-server has a Path Traversal issue
excel-mcp-server has a Path Traversal issue
## Summary
A path traversal vulnerability exists in [`excel-mcp-server`](https://github.com/haris-musa/excel-mcp-server) versions up to and including `0.1.7`. When running in SSE or Streamable-HTTP transport mode (the documented way to use this server remotely), an unauthenticated attacker on the network can read, write, and overwrite arbitrary files on the host filesystem by supplying crafted `filepath` arguments to any of the 25 exposed MCP tool handlers.
The server is intended to confine file operations to a directory set by the `EXCEL_FILES_PATH` environment variable. The function responsible for enforcing this boundary — `get_excel_path()` — fails to do so due to two independent flaws: it passes absolute paths through without any check, a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-04-21
Published