Codebase Mcp
OS command injection in DeDeveloper23 codebase-mcp allows local authenticated attackers to execute arbitrary system commands through the getCodebase, getRemoteCodebase, and saveCodebase functions in src/tools/codebase.ts. The vulnerability affects all versions up to commit 3ec749d237dd8eabbeef48657cf917275792fde6, with publicly available exploit code disclosed via GitHub issue #7. Given the local attack requirement and the authenticated privilege prerequisite (PR:L), real-world exploitation requires an already-compromised local account with legitimate tool access, though an EPSS score of 5.3 reflects moderate practical risk in shared development environments.
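The advisory names the functions but not the code, so the block below is an added illustration of the class of flaw rather than codebase-mcp's own implementation: a tool that shells out to git, written first in the interpolated-string form that makes OS command injection possible, then in a hardened form that validates both inputs against an allowlist and builds an argv array for execFile/spawn. All function names, the regexes, and the sample inputs are constructed for this example; nothing here is invoked against a real shell.

```javascript
// Added example, not code from the codebase-mcp project. Illustrates the
// generic pattern behind OS command injection in a git-wrapping tool and the
// hardened alternative. Names (unsafeCloneCommand, buildCloneArgv, the
// validators) are hypothetical; the regexes are constructed for this example.

// VULNERABLE PATTERN: caller-controlled values are interpolated into a single
// shell string. Anything the shell treats as syntax (; | && $(...) backticks)
// inside repoUrl or dest becomes part of the command line the moment this
// string is handed to exec(). Kept here only to make the hardened version's
// point concrete; it must never be passed to a shell.
function unsafeCloneCommand(repoUrl, dest) {
  return `git clone ${repoUrl} ${dest}`;
}

// Allowlist for remote URLs: https scheme, a DNS-style host with optional
// port, and a plain path. Anything outside the allowlist is rejected rather
// than escaped, which removes the need to reason about shell quoting at all.
const REPO_URL_RE = /^https:\/\/[A-Za-z0-9.-]+(?::\d{1,5})?\/[A-Za-z0-9._\/-]+$/;

// Allowlist for the local checkout path: safe characters only, no traversal
// component, and no leading "-" so the value can never be parsed by git as an
// option (argument injection survives execFile if this is not checked).
const LOCAL_PATH_RE = /^[A-Za-z0-9_][A-Za-z0-9._\/-]*$/;

function validateRepoUrl(url) {
  if (typeof url !== "string" || !REPO_URL_RE.test(url) || url.includes("..")) {
    throw new Error("rejected repository URL");
  }
  return url;
}

function validateLocalPath(p) {
  if (typeof p !== "string" || !LOCAL_PATH_RE.test(p) || p.split("/").includes("..")) {
    throw new Error("rejected local path");
  }
  return p;
}

// HARDENED PATTERN: validate first, then return an argv array. The array is
// meant to be run as execFile("git", argv) or spawn("git", argv), never via
// exec(): each element reaches git as one literal argument and no shell is
// involved. The "--" separator additionally tells git to stop option parsing,
// so a value that slipped through validation still cannot act as a flag.
function buildCloneArgv(repoUrl, dest) {
  return ["clone", "--", validateRepoUrl(repoUrl), validateLocalPath(dest)];
}
```

The detection-side takeaway is the same as the fix: in a code review or a static scan of a TypeScript MCP tool, `exec(` or a template literal that reaches `child_process` with request data is the finding, and the remediation is an argv array plus allowlist validation, not added escaping.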