Vulnerability Description
Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve.
Related Weaknesses (CWE)
References
- https://github.com/modelcontextprotocol/servers/commit/d00c60df9d74dba8a3bb13113
- https://github.com/modelcontextprotocol/servers/security/advisories/GHSA-q66q-fx
FAQ
What is CVE-2025-53109?
CVE-2025-53109 is a documented vulnerability. Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended fi...
How severe is CVE-2025-53109?
CVSS scoring is not yet available for CVE-2025-53109. Check NVD for updates.
Is there a patch for CVE-2025-53109?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.