CVE-2026-5621 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the co…
Medium CVSS: 4.8

CVE-2026-5621

A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument config_path results in os command injection. Attacking locally is a requirement. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vendor
-
Product
-
CWE
CWE-77
Yayın Tarihi
2026-04-06 05:16:02
Güncelleme
2026-04-06 05:16:02
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-77 MEDIUM 2026

Referanslar

https://github.com/wing3e/public_exp/issues/27 https://vuldb.com/submit/785591 https://vuldb.com/vuln/355411 https://vuldb.com/vuln/355411/cti