Sandbox Escape Vulnerability Discovered in MCP Filesystem Server

Threat: Vulnerability

Targeted Region: Global

Targeted Sector: Technology & IT

Criticality: High

[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

Anthropic’s MCP Filesystem Server was found vulnerabilities that allowed attackers to escape its sandbox environment and execute arbitrary code on the host system. These flaws, identified as CVE‑2025‑53109 and CVE‑2025‑53110, could be chained together to achieve full host compromise. The vulnerabilities affected all MCP versions prior to 0.6.3.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

CVE‑2025‑53109: This vulnerability exploited symbolic link traversal, enabling attackers to manipulate the file system and plant malicious Launch Agents. These agents would then be executed automatically, leading to arbitrary code execution on the host machine. The vulnerabilities are assigned CVSS v3.1 base scores of 8.4.
CVE‑2025‑53110: This flaw involved improper path validation due to naïve prefix-matching. An attacker could construct malicious paths that bypass directory restrictions, allowing them to write outside of permitted folders and gain unauthorized access to the file system. The vulnerabilities are assigned CVSS v3.1 base scores of 7.3.

RECOMMENDATION:

We strongly recommend you update Anthropic MCP Filesystem Server to version 2025.7.1 .

REFERENCES:

The following reports contain further technical details:
https://cybersecuritynews.com/anthropics-mcp-server-vulnerability/

[/emaillocker]

Recent Advisories

Adobe Acrobat Vulnerability Allows Arbitrary Code Execution

April 16, 2026

Fake YouTube Phishing Campaign Compromises Creator Account Logins

April 16, 2026

Malicious Chrome Extensions Campaign Exfiltrating User Data via Command-and-Control Infrastructure

April 16, 2026

Thymeleaf Bypass Vulnerability Affects Templates

April 16, 2026

Sandbox Escape Vulnerability Discovered in MCP Filesystem Server

Recent Advisories

Report an Incident