CVE-2026-3680 RyuzakiShinji biome-mcp-server biome-mcp-server.ts command injection

A security flaw has been discovered in RyuzakiShinji biome-mcp-server up to 1.0.0. Affected by this issue is some unknown functionality of the file biome-mcp-server.ts. Performing a manipulation results in command injection. The attack can be initiated remotely. The exploit has been released to t...

Biome MCP Server 命令注入漏洞

Biome MCP Server is a code inspection and formatting tool developed by Ryuzaki Shinji individually. Versions of Biome MCP Server 1.0.0 and earlier have a command injection vulnerability, which stems from incorrect handling of the file biome-mcp-server.ts, potentially leading to command injection...

PT-2026-23889

Name of the Vulnerable Software and Affected Versions RyuzakiShinji biome-mcp-server versions up to 1.0.0 Description A security flaw exists in RyuzakiShinji biome-mcp-server up to version 1.0.0, related to an unknown functionality within the biome-mcp-server.ts file. A manipulation of this...