pkg:npm/@modelcontextprotocol/server-filesystem
2 total CVEs
✅ Check your installed version
All known vulnerabilities
—CVE-2025-53110@modelcontextprotocol/server-filesystem vulnerability allows for path validation bypass via colliding path prefix from 0, <= 0.6.2
—CVE-2025-53109@modelcontextprotocol/server-filesystem allows for path validation bypass via prefix matching and symlink handling from 0, <= 0.6.2