3 matches found
EUVD-2026-17146
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function childprocess.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in os command injection. The attack is only possible with local...
consult-llm-mcp 操作系统命令注入漏洞
consult-llm-mcp is a multi-model code consultation server developed by Raine Virta. Versions of consult-llm-mcp prior to 2.5.3 had an operating system command injection vulnerability. This vulnerability stemmed from incorrect operations with parameters gitdiff.baseref/gitdiff.files in the...
PT-2026-29087
A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child process.execSync of the file src/server.ts. The manipulation of the argument git diff.base ref/git diff.files results in os command injection. The attack is only possible with...