CVE-2025-5273 – Mcp-Markdownify-Server File Access Vulnerability

May 29, 2025

CVE ID : CVE-2025-5273

Published : May 29, 2025, 5:15 a.m. | 15 minutes ago

Description : All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host running the server.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5276 – MCP Markdownify Server SSRF

Next Article CVE-2025-4583 – Smash Balloon Social Photo Feed – Easy Social Feeds Plugin Stored Cross-Site Scripting (XSS)

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Elden Ring Nightreign already has a duos Seamless Co-op mod from the creator of the beloved original, and it’ll be “expanded on in the future”

I love Elden Ring Nightreign’s weirdest boss — he bargains with you, heals you, and throws tantrums if you ruin his meditation

How to install SteamOS on ROG Ally and Legion Go Windows gaming handhelds

Oracle Fusion new Product Management Landing Page and AI (25B)

Oracle Fusion new Product Management Landing Page and AI (25B)

Filament Is Now Running Natively on Mobile

How Remix is shaking things up

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Elden Ring Nightreign already has a duos Seamless Co-op mod from the creator of the beloved original, and it’ll be “expanded on in the future”

I love Elden Ring Nightreign’s weirdest boss — he bargains with you, heals you, and throws tantrums if you ruin his meditation

CVE-2025-5273 – Mcp-Markdownify-Server File Access Vulnerability

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

Exploit details for max severity Cisco IOS XE flaw now public

Cerberus Testing is a low-code test automation platform

Regexes Got Good: The History And Future Of Regular Expressions In JavaScript

LAMBDA: A New Open-Source, Code-Free Multi-Agent Data Analysis System to Bridge the Gap Between Domain Experts and Advanced AI Models

How Software Testing Failures Led to a Global Crisis: Key Takeaways

Adding Grouped Items in Waybar

GraphStorm 0.3: Scalable, multi-task learning on graphs with user-friendly APIs

CVE-2025-45866 – TOTOLINK A3002R Buffer Overflow

AWS vs Azure: Picking the Perfect Platform

CVE-2025-5273 – Mcp-Markdownify-Server File Access Vulnerability

Related Posts