Arbitrary Command Injection

@orval/mcp is vulnerable to Arbitrary Command Injection. The vulnerability is due to improper validation and escaping of the OpenAPI specification summary field during MCP server generation, which allows an attacker to break out of string literals and inject arbitrary code...

orval MCP client is vulnerable to a code injection attack.

Impact The MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allows an attacker to "break out" of the string literal and inject arbitrary code. Here is an example OpenAPI with th...

CVE-2026-22785

Summary: Orval (MCP client/server code path) is vulnerable to arbitrary code execution via unsanitized input in OpenAPI specs. The CVE-2026-22785/MCP issue arises from string-manipulation in the MCP server generation logic that embeds the summary field without proper validation/escaping, allowing...

PT-2026-2296

Name of the Vulnerable Software and Affected Versions orval versions prior to 7.18.0 Description orval generates type-safe JS clients TypeScript from OpenAPI specifications. Before version 7.18.0, the server generation logic in the MCP component used string manipulation on the summary field from...

orval 命令注入漏洞

Orval is an interface development tool from Orval Open Source. A command injection vulnerability exists in versions prior to orval 7.18.0 that stems from the MCP server generation logic not properly validating or escaping the summary field of the OpenAPI specification, which could lead to arbitra...