CVE-2026-14702

Insufficiently Random Values in Markdownify-MCP

Vulnerability report for CVE-2026-14702, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-05

Last updated on: 2026-07-05

Assigner: VulDB

Description

A flaw has been found in zcaceres markdownify-mcp up to version 1.1.0. It affects the function saveToTempFile in the file src/Markdownify.ts of the components webpage-to-markdown, youtube-to-markdown and bing-search-to-markdown. The manipulation results in insufficiently random values. The attack is restricted to local execution and requires a high degree of complexity; exploitation is considered difficult. An exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

Meta Information

Published: 2026-07-05
Last Modified: 2026-07-05
Generated: 2026-07-05
AI Q&A: 2026-07-05
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 1 associated CPE

Vendor: zcaceres
Product: markdownify-mcp
Version / Range: up to 1.1.0 (inclusive)

Exploitability

CWE ID: Description
CWE-330: The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
CWE-310: Cryptographic Issues

AI Quick Actions
Executive Summary

CVE-2026-14702 is a vulnerability in the markdownify-mcp package (up to version 1.1.0) where the function saveToTempFile creates temporary file paths that are predictable. These paths are based on the system's temporary directory and the current millisecond timestamp without any random or unique identifiers.

Because the temporary file names are predictable, an attacker with local access can create symbolic links (symlinks) at these expected paths before the application writes to them. This can cause the application to overwrite or leak data to unintended locations, leading to potential data leaks, file overwrites, or denial of service in shared or multi-user environments.

The vulnerability affects components like webpage-to-markdown, youtube-to-markdown, and bing-search-to-markdown, and arises from the combination of the predictable file name with fs.writeFileSync, which follows an existing symlink at the target path.

Compliance Impact

The vulnerability in markdownify-mcp allows predictable temporary file paths that can be exploited to overwrite files or leak data in shared environments. This can lead to unauthorized data exposure or data leaks, especially in multi-user or shared hosting environments.

Such data leaks or unauthorized access to sensitive information could violate data protection regulations like GDPR or HIPAA, which require strict controls over personal and sensitive data to prevent unauthorized disclosure.

Therefore, this vulnerability may impact compliance with these standards by increasing the risk of data breaches or unauthorized data access due to insufficiently random temporary file handling.

Impact Analysis

This vulnerability can impact you if you run the markdownify-mcp package in an environment where multiple users or processes share the same temporary directory, such as shared hosting, CI runners, or multi-user systems.

  • An attacker with local access can create symlinks to redirect the application's temporary file writes to arbitrary locations.
  • This can lead to data leaks by exposing fetched URL content to unauthorized locations.
  • It can cause file overwrites or clobbering, potentially corrupting important files.
  • Temporary denial of service can occur due to collisions or stale artifacts in the temporary directory.

However, the attack requires local access and a high degree of complexity, and remote code execution is not directly enabled by this vulnerability.

Detection Guidance

This vulnerability involves the use of predictable temporary file paths in the saveToTempFile() function. Its presence can be detected by checking the system's temporary directory for files whose names follow the predictable pattern: the current millisecond timestamp followed by a file extension.

To detect potential exploitation or presence of this vulnerability, you can monitor the temporary directory for files or symlinks with names matching the timestamp pattern used by markdownify-mcp.

  • Use commands to list files and symlinks in the temporary directory, for example: `ls -l /tmp` or `find /tmp -type l` to identify suspicious symlinks.
  • Check for processes or scripts invoking markdownify-mcp or related tools (webpage-to-markdown, youtube-to-markdown, bing-search-to-markdown) that might be creating predictable temp files.
  • Use file system monitoring tools like `inotifywait` on Linux to watch for creation of temporary files with predictable names.

Mitigation Strategies

Immediate mitigation steps include preventing the use of predictable temporary file paths by ensuring that temporary files are created with unpredictable, random names and in private temporary directories.

Specifically, update or patch markdownify-mcp to incorporate the fix that uses `fs.mkdtemp()` to create a private temporary directory and `crypto.randomUUID()` for random file names, as implemented in the pull request addressing this issue.

If patching is not immediately possible, restrict access to the system's temporary directory to prevent attackers from creating symlinks or files that could be exploited.

Additionally, monitor and clean up stale temporary files and symlinks regularly to reduce the attack surface.
