CVE-2026-7215 | egtai gmx-vmd-mcp up to 0.1.0 VMD Launch mcp_server.py launch_vmd_gui_tool structure_file/trajectory_file command injection

A vulnerability classified as critical was found in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launch_vmd_gui_tool of the file mcp_server.py of the component VMD Launch Handler. The manipulation of the argument structure_file/trajectory_file results in command injection.

This vulnerability is cataloged as CVE-2026-7215. The attack may be launched remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7215 | egtai gmx-vmd-mcp up to 0.1.0 VMD Launch mcp_server.py launch_vmd_gui_tool structure_file/trajectory_file command injection

Post correlati

CVE-2018-25267 | UltraISO 9.7.1.3519 out-of-bounds write (Exploit 45996)

VDB-246506 | CrushFTP up to 10.5.4 improper authentication

CVE-2024-11059 | Project Worlds Free Download Online Shopping System up to 192.168.1.88 success.php id sql injection

CVE-2026-24846 | chainguard-dev malcontent up to 1.20.2 Tar handleSymlink path traversal (GHSA-923j-vrcg-hxwh)