CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/06/05 7:19 p.m.•6 views

CVE-2026-5029

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

8.7CVSS6.6AI score0.00074EPSS

Exploits0References1

EUVD•added 2026/05/12 12:32 p.m.•7 views

EUVD-2026-29437

8.7CVSS6.6AI score0.00074EPSS

Exploits0References2

NVD•added 2026/05/12 10:16 a.m.•9 views

CVE-2026-5029

8.7CVSS0.00074EPSS

Exploits0References1

Cvelist•added 2026/05/12 9:1 a.m.•34 views

CVE-2026-5029 RCE in Code Runner MCP Server

8.7CVSS0.00074EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 9:1 a.m.•6 views

CVE-2026-5029

8.7CVSS6.6AI score0.00074EPSS

Exploits0References2

CVE•added 2026/05/12 9:1 a.m.•13 views

CVE-2026-5029

CVE-2026-5029 affects Code Runner MCP Server when run with --transport http, exposing the /mcp JSON-RPC endpoint on port 3088 without authentication. An unauthenticated attacker can invoke the run-code MCP tool to supply arbitrary source code and execute it via child_process.exec() using the spec...

8.7CVSS6.6AI score0.00074EPSS

Exploits0References1

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-39994

8.7CVSS6.6AI score0.00074EPSS

Exploits0References2

CNNVD•added 2026/05/12 12:0 a.m.•3 views

Code Runner MCP Server 访问控制错误漏洞

Code Runner MCP Server is a multi-language code execution and result display tool developed by Jun Han. There is an access control vulnerability in Code Runner MCP Server. This vulnerability arises when the --transport http option is used, exposing an unauthenticated /mcp JSON-RPC endpoint on por...

8.7CVSS6.5AI score0.00074EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by