CVE-2026-30618
The CVE-2026-30618 entry concerns xszyou Fay 4.3.1, where the MCP STDIO server management/command execution handling exposes a remote code execution path. A remote attacker can access the publicly exposed MCP management interface, configure an MCP STDIO server with attacker-controlled commands, a...