CVE-2026-30617 | chatchat-space LangChain-ChatChat 0.3.1 MCP STDIO Server Configuration command injection

Inserito da Angelo Barbosa | Apr 15, 2026 | CVE

A vulnerability, which was classified as critical, has been found in chatchat-space LangChain-ChatChat 0.3.1. This impacts an unknown function of the component MCP STDIO Server Configuration Handler. Performing a manipulation results in command injection.

This vulnerability is cataloged as CVE-2026-30617. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-30617 | chatchat-space LangChain-ChatChat 0.3.1 MCP STDIO Server Configuration command injection

Post correlati

CVE-2024-3708 | lighttpd up to 1.4.50 HTTP Request use after free

CVE-2024-58098 | Linux Kernel up to 6.12.24 filter.c bpf_skb_pull_data state issue

CVE-2025-14226 | itsourcecode Student Management System 1.0 /edit_user.php fname sql injection

CVE-2025-65814 | RHOPHI Office App-Edit Word 6.4.1 path traversal