VYPR

Files

by User Attachments

CVEs (37)

  • CVE-2026-5327MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.01

    A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The…

  • CVE-2026-4192MedMar 16, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed…

  • CVE-2026-3680MedMar 7, 2026
    risk 0.41cvss 6.3epss 0.01

    A security flaw has been discovered in RyuzakiShinji biome-mcp-server up to 1.0.0. Affected by this issue is some unknown functionality of the file biome-mcp-server.ts. Performing a manipulation results in command injection. The attack can be initiated remotely. The exploit has…

  • CVE-2026-7629MedMay 2, 2026
    risk 0.34cvss 6.3epss 0.01

    A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched…

  • CVE-2026-7628MedMay 2, 2026
    risk 0.34cvss 6.3epss 0.01

    A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function executeRepomix of the file src/repomix.ts of the component RepoMix Command Handler. Performing a manipulation results in command injection. The attack may be…

  • CVE-2026-5007MedMar 28, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation leads to os command injection. The attack needs to be performed locally. The…

  • CVE-2026-4016MedMar 12, 2026
    risk 0.34cvss 5.3epss 0.00

    A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin_process of the file src/filters/load_svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this…

  • CVE-2026-4015MedMar 12, 2026
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the…

  • CVE-2026-3959MedMar 11, 2026
    risk 0.34cvss 5.3epss 0.01

    A vulnerability was found in 0xKoda WireMCP up to 7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e. Impacted is the function server.tool of the file index.js of the component Tshark CLI Command Handler. The manipulation results in os command injection. The attack needs to be approached…

  • CVE-2025-11015MedSep 26, 2025
    risk 0.34cvss 5.3epss 0.00

    A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution.…

  • CVE-2025-10824MedSep 23, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was determined in axboe fio up to 3.41. This impacts the function __parse_jobs_ini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized.

  • CVE-2025-3791MedApr 18, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmarks/unqlite/unqlite.c. The manipulation leads to heap-based buffer overflow. It…

  • CVE-2026-5833MedApr 9, 2026
    risk 0.28cvss 5.3epss 0.01

    A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impacts the function server.setRequestHandler of the file index.ts. Such manipulation of the argument Identifier leads to command injection. The attack must be carried out locally. The…

  • CVE-2026-5603MedApr 5, 2026
    risk 0.28cvss 5.3epss 0.01

    A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly…

  • CVE-2026-5602MedApr 5, 2026
    risk 0.28cvss 5.3epss 0.01

    A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation causes os command injection. The…

  • CVE-2026-5661MedApr 6, 2026
    risk 0.27cvss 5.3epss 0.00

    A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used.

  • CVE-2026-5125MedMar 30, 2026
    risk 0.27cvss 5.3epss 0.01

    A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument git_diff.base_ref/git_diff.files results in os command injection. The attack is…

  • CVE-2026-4496MedMar 20, 2026
    risk 0.27cvss 5.3epss 0.01

    A vulnerability was found in sigmade Git-MCP-Server up to 785aa159f262a02d5791a5d8a8e13c507ac42880. Affected by this vulnerability is the function child_process.exec of the file src/gitUtils.ts of the component show_merge_diff/quick_merge_summary/show_file_diff. The manipulation…

  • CVE-2026-4199MedMar 16, 2026
    risk 0.27cvss 5.3epss 0.01

    A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit…

  • CVE-2026-4198MedMar 16, 2026
    risk 0.27cvss 5.3epss 0.01

    A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly…

Page 1 of 2