CVE-2026-7446 | VetCoders mcp-server-semgrep 1.0.0 MCP Interface src/index.ts ID os command injection

A vulnerability categorized as critical has been discovered in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command injection.

This vulnerability is identified as CVE-2026-7446. The attack can be executed remotely. Additionally, an exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-7446 | VetCoders mcp-server-semgrep 1.0.0 MCP Interface src/index.ts ID os command injection

Post correlati

CVE-2024-7289 | SourceCodester Establishment Billing Management System 1.0 /manage_payment.php id sql injection

CVE-2026-32176 | Microsoft SQL Server 2016/2017/2019/2022/2025 sql injection

CVE-2025-11926 | Related Posts Lite Plugin up to 1.12 on WordPress Setting cross site scripting

CVE-2025-27053 | Qualcomm Snapdragon Auto up to XR1 Platform PlayReady APP Usecase buffer size