GHSA-xh92-rqrq-227v: 
JavaScript vulnerability analysis and mitigation

The Mastra Docs MCP Server package (@mastra/mcp-docs-server), a Typescript framework for building AI agents and assistants, contains a Directory Traversal vulnerability in versions 0.13.8 through 0.13.20-alpha.0. The vulnerability was discovered on September 24, 2025, and has been assigned CVE-2025-61685. The vulnerability affects the documentation context server component used in AI-powered IDEs (GitHub Advisory).

The vulnerability stems from a bypass of the path traversal security check in the readMdxContent function. While the code implements an initial security check to prevent path traversal for reading file contents, this protection is circumvented by subsequent logic in the findNearestDirectory function, which processes directory suggestions without proper path validation. The vulnerability has been assigned a CVSS v3.1 score of 6.5 (Medium) with vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating network accessibility with low attack complexity (GitHub Advisory).

The vulnerability allows attackers to list contents of arbitrary directories on the user's filesystem, including sensitive locations such as the user's home directory. This exposure can reveal the presence of sensitive tools (.BurpSuite), configuration files (.config), cloud credentials (.aws/, .gcp/), and private project directories, potentially providing valuable information for planning further targeted attacks (GitHub Advisory).

The vulnerability has been fixed in version 0.13.20. The recommended fixes include halting execution immediately when readMdxContent detects a path traversal attempt and implementing defense-in-depth by applying path validation logic to the findNearestDirectory function. Users are advised to upgrade to the patched version 0.17.0 or later (GitHub Advisory).