Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 03 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 01 Jun 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly disclosed and may be utilized. Patch name: 6657cdceadd361e8fbe824afe9d00b4504009a5d. It is recommended to apply a patch to fix this issue. | |
| Title | lharries whatsapp-mcp Send API Endpoint main.go SendMessageRequest path traversal | |
| First Time appeared |
Lharries
Lharries whatsapp-mcp |
|
| Weaknesses | CWE-22 | |
| CPEs | cpe:2.3:a:lharries:whatsapp-mcp:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Lharries
Lharries whatsapp-mcp |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-06-03T14:46:27.835Z
Reserved: 2026-05-31T12:51:28.835Z
Link: CVE-2026-10264
Updated: 2026-06-03T14:43:25.729Z
Status : Deferred
Published: 2026-06-01T15:16:32.830
Modified: 2026-06-01T16:41:55.090
Link: CVE-2026-10264
No data.
OpenCVE Enrichment
Updated: 2026-06-02T20:54:32Z