consult-llm-mcp 操作系统命令注入漏洞

consult-llm-mcp is a multi-model code consultation server developed by Raine Virta. Versions of consult-llm-mcp prior to 2.5.3 had an operating system command injection vulnerability. This vulnerability stemmed from incorrect operations with parameters gitdiff.baseref/gitdiff.files in the...