8 matches found
EUVD-2026-19170
A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...
CVE-2026-5621
A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...
CVE-2026-5621 ChrisChinchilla Vale-MCP HTTP index.ts os command injection
A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...
CVE-2026-5621
A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...
CVE-2026-5621 ChrisChinchilla Vale-MCP HTTP index.ts os command injection
A vulnerability was found in ChrisChinchilla Vale-MCP up to 0.1.0. Affected by this vulnerability is an unknown functionality of the file src/index.ts of the component HTTP Interface. The manipulation of the argument configpath results in os command injection. Attacking locally is a requirement...
CVE-2026-5621
CVE-2026-5621 affects ChrisChinchilla Vale-MCP up to version 0.1.0. The vulnerability targets the HTTP Interface, specifically the file src/index.ts, where manipulation of the argument config_path enables an OS command injection. An attacker must be local to exploit it. The exploit is public, and...
Vale MCP Server 操作系统命令注入漏洞
The Vale MCP Server is an AI assistant protocol server with integrated syntax checking capabilities, developed by Chris Chinchilla. Versions of the Vale MCP Server prior to 0.1.0 contained a vulnerability related to operating system command injection. This vulnerability stemmed from improper...
PT-2026-30564
Name of the Vulnerable Software and Affected Versions ChrisChinchilla Vale-MCP versions up to 0.1.0 Description A vulnerability exists in ChrisChinchilla Vale-MCP up to version 0.1.0, specifically within the file src/index.ts of the HTTP Interface component. The manipulation of the config path...