CVE-2026-40576 landed on April 14. Path traversal in excel-mcp-server. CVSS 9.4. An unauthenticated attacker can read, write, or overwrite arbitrary files on the host filesystem.

Three weeks earlier, the same vulnerability in a different server. Three weeks before that, another one. CVE-2026-33989 (@mobilenext/mobile-mcp, arbitrary file write). CVE-2026-27735 (mcp-server-git, staging files outside repository boundaries). CVE-2026-32871 (fastmcp, path traversal combined with SSRF).

According to vulnerablemcp.info, roughly 82% of MCP servers with file operations are vulnerable to some variant of this class. This isn't a coincidence. It's a structural property of how MCP servers are built.

The root cause

MCP tool handlers receive parameters from the calling agent. For file-handling servers, that typically means a path. The tool reads a file, writes a cell, stages a diff, and returns a result.…
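The pattern described above, as an added example that is not code from any of the servers named on this page: a handler-side resolver that joins the agent-supplied path as-is, next to one that canonicalises it and checks containment before any file operation. The function names, the `workbooks` root and the sample inputs are hypothetical and constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class PathEscapeError(ValueError):
    """A caller-supplied path resolved outside the allowed root."""


def naive_resolve(root: Path, user_path: str) -> Path:
    # Vulnerable pattern: "../", absolute paths and symlinks all leave the root.
    return Path(os.path.join(root, user_path))


def contained_resolve(root: Path, user_path: str) -> Path:
    # Hardened pattern: canonicalise first (collapses "..", follows symlinks),
    # then require the result to be the root itself or a descendant of it.
    root_real = root.resolve(strict=True)
    candidate = (root_real / user_path).resolve(strict=False)
    if candidate != root_real and root_real not in candidate.parents:
        raise PathEscapeError(f"{user_path!r} resolves outside {root_real}")
    return candidate


def demo() -> dict:
    """Map each constructed input to (naive_escapes_root, hardened_rejects)."""
    inputs = ["report.xlsx", "../outside/x.xlsx", "/etc/hostname", "link/x.xlsx"]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "workbooks"      # hypothetical allowed directory
        outside = Path(tmp) / "outside"     # stands in for the rest of the host
        root.mkdir()
        outside.mkdir()
        (root / "link").symlink_to(outside, target_is_directory=True)
        root_real = root.resolve()
        for name in inputs:
            landed = Path(os.path.realpath(naive_resolve(root, name)))
            naive_escapes = root_real not in landed.parents
            try:
                contained_resolve(root, name)
                rejected = False
            except PathEscapeError:
                rejected = True
            results[name] = (naive_escapes, rejected)
    return results


if __name__ == "__main__":
    print(demo())
```

The containment check and the later open are separate steps, so a symlink swapped in between them can still escape the root; where that matters, open files relative to a directory file descriptor rather than by re-using the checked string.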