Skip to main content

FastlyMCP CVE-2026-7220

| EUVDEUVD-2026-25977 MEDIUM
OS Command Injection (CWE-78)
2026-04-28 VulDB
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

8
CVSS changed
Apr 29, 2026 - 01:12 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Apr 29, 2026 - 01:00 vuln.today
Public exploit code
Analysis Generated
Apr 28, 2026 - 04:30 vuln.today
Severity Changed
Apr 28, 2026 - 04:22 NVD
HIGH MEDIUM
CVSS changed
Apr 28, 2026 - 04:22 NVD
7.3 (HIGH) 6.9 (MEDIUM)
EUVD ID Assigned
Apr 28, 2026 - 04:15 euvd
EUVD-2026-25977
Analysis Generated
Apr 28, 2026 - 04:15 vuln.today
CVE Published
Apr 28, 2026 - 03:15 nvd
MEDIUM 5.5

DescriptionCVE.org

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastly_cli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

OS command injection in jackwrichards FastlyMCP allows remote unauthenticated attackers to execute arbitrary system commands via manipulation of the command argument in the fastly_cli Tool component. The vulnerability exists in fastly-mcp.mjs and has been disclosed publicly with exploit code available, though the project operates on a rolling release model with no versioned releases and has not yet responded to early disclosure notifications.

Technical ContextAI

FastlyMCP is a Model Context Protocol (MCP) server that provides integration with Fastly services through a command-line interface tool (fastly_cli). The vulnerability resides in the fastly-mcp.mjs file where user-supplied command arguments are passed to OS command execution functions without proper sanitization or validation. This is a classic OS command injection vulnerability (CWE-78) where shell metacharacters and command separators in the command argument are not escaped or filtered, allowing attackers to break out of the intended command context and inject arbitrary shell commands. The CPE indicates the entire FastlyMCP product line (all versions) is affected due to the rolling release model used by the project.

RemediationAI

No vendor-released patch identified at time of analysis. Since the project has not responded to early disclosure and operates on a rolling release model, monitor the FastlyMCP GitHub repository (https://github.com/jackwrichards/FastlyMCP/) for commits addressing the command injection in fastly-mcp.mjs. As an immediate mitigation, implement network-level access controls to restrict FastlyMCP services to trusted internal networks and authenticated users only; do not expose FastlyMCP endpoints to untrusted or public networks. Additionally, review all instances of FastlyMCP usage and consider sandboxing the service in a container or virtual machine with minimal OS privileges and restricted outbound network access to limit the impact of successful command injection. Validate and sanitize all command arguments passed to the fastly_cli Tool component using allowlist-based input validation (e.g., only permit alphanumeric characters and specific delimiters expected by Fastly API calls). The trade-off of strict input validation is reduced feature flexibility if legitimate use cases require special characters; coordinate with users before enforcement.

Share

CVE-2026-7220 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy