3 matches found
Remote Code Execution (RCE)
stata-mcp is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient validation of user-supplied Stata do-file content, which allows an attacker to inject and execute arbitrary commands...
EUVD-2026-20475
stata-mcp has insufficient validation of user-supplied Stata do-file content that can lead to command execution...
CVE-2026-31040
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...