CVE-2026-10277
Deferred Deferred - Pending Action
Improper Access Control in MCP Google Workspace Tool

Publication date: 2026-06-01

Last updated on: 2026-06-01

Assigner: VulDB

Description
A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 89c091ecf8b9f9c7291d1af0b1966e271f86551c. It is suggested to install a patch to address this issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-01
Generated
2026-06-22
AI Q&A
2026-06-01
EPSS Evaluated
2026-06-20
NVD
CVE-2026-10277
EUVD
EUVD-2026-33721
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
j3k0 mcp-google-workspace to 831790e7d5c2663325733d9f5579cc339a267c4c (exc)
j3k0 mcp-google-workspace to 831790e7d5c2663325733d9f5579cc339a267c4c (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the MCP Gmail Tool component of j3k0 mcp-google-workspace, specifically in the saveToDisk function of the src/tools/gmail.ts file. It involves improper access controls that can be exploited remotely by an attacker. The issue allows unauthorized manipulation that could lead to unintended access or actions within the system.

The vulnerability has been publicly disclosed and a patch is available to fix it.

Impact Analysis

Exploiting this vulnerability could lead to unauthorized access or modification of data due to improper access controls. This may result in confidentiality, integrity, and availability impacts on the affected system.

  • Confidentiality: Partial data exposure or leakage.
  • Integrity: Potential unauthorized modification of data.
  • Availability: Possible disruption or degradation of service.
Mitigation Strategies

It is suggested to install the patch named 89c091ecf8b9f9c7291d1af0b1966e271f86551c to address this issue.

Compliance Impact

The vulnerability CVE-2026-10277 allows attackers to write arbitrary files to the server's filesystem due to improper access controls in the Gmail attachment saving functionality. This arbitrary file write can lead to unauthorized data modification or exposure.

Such unauthorized access and potential data manipulation could negatively impact compliance with data protection standards and regulations like GDPR and HIPAA, which require strict controls over data integrity, confidentiality, and access.

Specifically, the ability for an attacker to write files arbitrarily may lead to breaches of personal or sensitive information, violating principles of data security and privacy mandated by these regulations.

Therefore, until patched, this vulnerability poses a risk to maintaining compliance with these common standards by undermining the security controls necessary to protect sensitive data.

Detection Guidance

This vulnerability involves arbitrary file writes via manipulated attachment save paths in the mcp-google-workspace Gmail tool. Detection involves checking if the application is saving files outside the intended attachments directory or if unexpected absolute or traversal paths are being used.

Since the vulnerability is related to improper path validation in the saveToDisk function, you can monitor filesystem activity for suspicious writes outside the configured attachments directory (default ~/.mcp-gsuite/attachments).

Suggested commands to detect potential exploitation attempts include:

  • Use filesystem monitoring tools like 'inotifywait' on Linux to watch for unexpected file writes outside the attachments directory.
  • Check application logs for any errors or warnings related to file saving or path validation failures.
  • Search for files created or modified recently outside the expected attachments directory, for example: `find ~/.mcp-gsuite/ -type f -mtime -1` to find files modified in the last day.
  • If you have access to the source or runtime environment, review or add logging around the saveToDisk function to log the paths being saved.

No specific detection commands or signatures are provided in the available resources, so detection relies on monitoring file system activity and application behavior related to attachment saving.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-10277. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart