CVE-2026-4192 | AvinashBole quip-mcp-server 1.0.0 src/index.ts setupToolHandlers command injection

Inserito da Angelo Barbosa | Mar 14, 2026 | CVE

A vulnerability was found in AvinashBole quip-mcp-server 1.0.0. It has been declared as critical. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection.

This vulnerability is listed as CVE-2026-4192. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-4192 | AvinashBole quip-mcp-server 1.0.0 src/index.ts setupToolHandlers command injection

Post correlati

CVE-2024-1010 | SourceCodester Employee Management System 1.0 edit-profile.php cross site scripting

CVE-2024-47011 | Ivanti Avalanche up to 6.4.4 path traversal

CVE-2023-35659 | Google Android devicemem_server.c DevmemIntChangeSparse behavioral workflow

CVE-2026-2172 | code-projects Online Application System for Admission 1.0 Login Endpoint enrollment/index.php sql injection