CVE-2026-4192 | AvinashBole quip-mcp-server 1.0.0 src/index.ts setupToolHandlers command injection

Inserito da Angelo Barbosa | Mar 14, 2026 | CVE

A vulnerability was found in AvinashBole quip-mcp-server 1.0.0. It has been declared as critical. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection.

This vulnerability is listed as CVE-2026-4192. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-4192 | AvinashBole quip-mcp-server 1.0.0 src/index.ts setupToolHandlers command injection

Post correlati

CVE-2025-13235 | itsourcecode Inventory Management System 1.0 /admin/login.php user_email sql injection

CVE-2025-8204 | Comodo Dragon up to 134.0.6998.179 HSTS security check

CVE-2024-0508 | ThemeIsle Orbit Fox Plugin up to 2.10.27 on WordPress Pricing Table Elementor Widget cross site scripting

CVE-2025-47968 | Microsoft