CVE-2026-10277

Medium
CWE-266 — Weakness Type
Published: Jun 1, 2026  ·  Modified: Jun 4, 2026  ·  Source: NVD
CVSS v3: 6.3
📄 Description (English)

A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product uses a rolling release to provide continuous delivery; therefore, no version details for affected or updated releases are available. The patch is named 89c091ecf8b9f9c7291d1af0b1966e271f86551c. It is suggested to install a patch to address this issue.

🤖 AI Executive Summary

A medium-severity vulnerability (CVSS 6.3) in the j3k0 mcp-google-workspace Gmail tool allows improper access controls in the saveToDisk function, potentially enabling unauthorized file operations. The vulnerability affects the MCP Gmail Tool component and can be exploited remotely. While a patch commit exists (89c091ecf8b8f9c7291d1af0b1966e271f86551c), it is not yet officially released, requiring immediate monitoring and compensating controls.

🤖 AI Intelligence Analysis (Analyzed: Jun 1, 2026 22:39)
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations using Google Workspace integrations with MCP tools, particularly:
1. Government entities and ministries relying on Google Workspace for email and document management
2. Banking and financial institutions using Google Workspace for secure communications
3. Healthcare providers storing sensitive patient data through Gmail
4. Telecommunications companies (STC, Mobily) using workspace tools
5. Energy sector organizations (ARAMCO subsidiaries) managing confidential communications
The improper access controls could lead to unauthorized file access, data exfiltration, or manipulation of sensitive business communications.
🏢 Affected Saudi Sectors
- Government and Public Administration
- Banking and Financial Services
- Healthcare and Medical Services
- Energy and Utilities
- Telecommunications
- Education
- Large Enterprises using Google Workspace
⚖️ Saudi Risk Score (AI): 6.8 / 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Audit all deployments of j3k0 mcp-google-workspace to identify affected instances
2. Review access logs for the saveToDisk function in src/tools/gmail.ts for suspicious activity
3. Implement network segmentation to restrict MCP Gmail Tool access to authorized users only
4. Enable Google Workspace audit logging and monitor for unusual file operations

PATCHING GUIDANCE:
1. Monitor the official j3k0 mcp-google-workspace repository for release of commit 89c091ecf8b8f9c7291d1af0b1966e271f86551c
2. Implement automated dependency scanning to detect when patched version becomes available
3. Prepare deployment procedures for rapid patching once released

COMPENSATING CONTROLS:
1. Restrict MCP Gmail Tool execution to trusted service accounts with minimal required permissions
2. Implement file integrity monitoring on directories where saveToDisk writes files
3. Deploy application-level access controls to validate user permissions before file operations
4. Use Google Workspace security controls to limit Gmail API token scope
5. Implement rate limiting on saveToDisk function calls

DETECTION RULES:
1. Monitor for unexpected file creation/modification in MCP Gmail Tool directories
2. Alert on saveToDisk function calls from unauthorized service accounts
3. Track Google Workspace API calls with unusual file operation patterns
4. Monitor for privilege escalation attempts targeting Gmail tool processes
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
- ECC 2024 A.5.1.1 - Access Control Policy
- ECC 2024 A.6.1.1 - Information Security Roles and Responsibilities
- ECC 2024 A.8.2.1 - User Registration and De-registration
- ECC 2024 A.8.3.1 - User Access Rights Review
- ECC 2024 A.9.2.1 - User Endpoint Devices
- ECC 2024 A.12.4.1 - Event Logging
🔵 SAMA CSF
- SAMA CSF ID.AC-1 - Access Control Policy and Procedures
- SAMA CSF ID.AC-2 - Physical and Logical Access Controls
- SAMA CSF DE.AE-1 - Audit and Accountability
- SAMA CSF DE.CM-1 - System Monitoring
- SAMA CSF RS.MI-1 - Incident Response Procedures
🟡 ISO 27001:2022
- ISO 27001:2022 A.5.3 - Segregation of Duties
- ISO 27001:2022 A.8.2 - User Registration and De-registration
- ISO 27001:2022 A.8.3 - User Access Provisioning
- ISO 27001:2022 A.8.4 - Access Rights Review
- ISO 27001:2022 A.9.2 - User Endpoint Devices
- ISO 27001:2022 A.12.4 - Logging
🟣 PCI DSS v4.0.1
- PCI DSS 2.1 - Configuration Standards
- PCI DSS 7.1 - Limit Access to System Components
- PCI DSS 10.1 - Implement Audit Trails
📊 CVSS Score: 6.3 / 10.0 (Medium)
📊 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Attack Vector: N (Network)
- Attack Complexity: L (Low)
- Privileges Required: L (Low)
- User Interaction: N (None)
- Scope: U (Unchanged)
- Confidentiality: L (Low)
- Integrity: L (Low)
- Availability: L (Low)
📋 Quick Facts
- Severity: Medium
- CVSS Score: 6.3
- CWE: CWE-266
- EPSS: 0.05%
- Exploit: No
- Patch: ✗ No
- Published: 2026-06-01
- Source Feed: nvd
🇸🇦 Saudi Risk Score: 6.8 / 10.0 (Priority: HIGH)
🏷️ Tags
CWE-266