PatchSiren

augmnt CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW augmnt CVE published 2026-07-13

CVE-2026-15526

A path traversal vulnerability was found in augmnt augments-mcp-server 7.1.0. The issue affects the scanProjectDeps function in src/tools/v4/scan-project-deps.ts. Local attackers can exploit this vulnerability by manipulating the packageJsonPath argument. The vulnerability allows attackers to traverse the file system, potentially leading to unauthorized access or data exposure. Users should verify the ver [truncated]