LOW
augmnt
CVE published 2026-07-13
CVE-2026-15526
A path traversal vulnerability was found in augmnt augments-mcp-server 7.1.0. The issue affects the scanProjectDeps function in src/tools/v4/scan-project-deps.ts. Local attackers can exploit this vulnerability by manipulating the packageJsonPath argument. The vulnerability allows attackers to traverse the file system, potentially leading to unauthorized access or data exposure. Users should verify the ver [truncated]