Skip to main content

dvladimirov MCP EUVDEUVD-2026-25964

| CVE-2026-7211 MEDIUM
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)
2026-04-28 cna@vuldb.com
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
CVSS changed
Apr 29, 2026 - 01:12 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
Analysis Generated
Apr 28, 2026 - 01:32 vuln.today
EUVD ID Assigned
Apr 28, 2026 - 01:22 euvd
EUVD-2026-25964
Analysis Generated
Apr 28, 2026 - 01:22 vuln.today
CVE Published
Apr 28, 2026 - 01:16 nvd
MEDIUM 5.5

DescriptionCVE.org

A weakness has been identified in dvladimirov MCP up to 0.1.0. The impacted element is the function GitSearchRequest of the file mcp_server.py of the component Git Search API. Executing a manipulation of the argument repo_url/pattern can lead to command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Command injection in dvladimirov MCP up to version 0.1.0 allows remote unauthenticated attackers to execute arbitrary system commands via manipulation of the repo_url or pattern arguments in the GitSearchRequest function of mcp_server.py. The vulnerability has a publicly available exploit and CVSS 6.9 score indicating moderate severity with network-accessible attack vector and low complexity, though the vendor has not responded to the early disclosure.

Technical ContextAI

The dvladimirov MCP project implements a Git Search API component in mcp_server.py. The GitSearchRequest function processes user-supplied input parameters (repo_url and pattern) without proper sanitization before passing them to system command execution. This is a classical OS command injection vulnerability (CWE-74: Improper Neutralization of Special Elements used in an OS Command) where user input is directly concatenated into shell commands without escaping or parameterized execution. The vulnerability affects the Git Search API interface which is exposed remotely, making it accessible over the network to unauthenticated users.

RemediationAI

No vendor-released patch identified at time of analysis. Immediate mitigations include: (1) disable or restrict network access to the Git Search API endpoint in mcp_server.py to trusted networks only via firewall rules or authentication reverse proxy, reducing attack vector from AV:N to AV:L; (2) implement strict input validation and sanitization for repo_url and pattern parameters using allowlisting (only permit alphanumeric characters, forward slashes, and hyphens for repo URLs; reject shell metacharacters like |, &, ;, $, `, backticks); (3) refactor GitSearchRequest to use parameterized subprocess execution (subprocess.run with list arguments and shell=False) instead of shell-based command construction, which eliminates OS command injection risk entirely; (4) run the MCP service with minimal privileges (dedicated non-root user account) to limit impact of successful code execution. Monitor https://github.com/dvladimirov/MCP/ for security updates. If input validation is deployed, test thoroughly with fuzzing to confirm shell metacharacter rejection.

Share

EUVD-2026-25964 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy