CVE-2026-7812 | 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8 MCP Tool src/code_mcp/server.py git_operation command injection

A vulnerability marked as critical has been reported in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection.

This vulnerability is identified as CVE-2026-7812. The attack can be initiated remotely. Additionally, an exploit exists.

Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7812 | 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8 MCP Tool src/code_mcp/server.py git_operation command injection

Post correlati

CVE-2025-13046 | ViewLead Bacteriology Laboratory Reporting System sql injection

CVE-2025-22832 | AMI AptioV prior 5.040 BIOS out-of-bounds write

CVE-2025-10827 | PHPJabbers Restaurant Menu Maker up to 1.1 /preview.php theme cross site scripting

CVE-2025-21617 | guzzle oauth-subscriber up to 0.8.0 Nonce weak prng