CVE-2025-5273
CVE-2025-5273CVE-2025-5273
Description
Versions of the package mcp-markdownify-server before 1.0.0 are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server.
Scoring
| CVSS | 6.5 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
| Last modified | 2026-07-16 |