43 matches found
security-skills
Security Skills: Security Skills is a Hermes Agent skill pack...
GHSA-PP6C-GR5W-3C5G vulnerabilities
Vulnerabilities for packages: semgrep, airflow, reflex...
CVE-2026-42561 vulnerabilities
Vulnerabilities for packages: semgrep, airflow, reflex...
GHSA-86HP-QXQP-W9WV mcp-server-semgrep has a Command Injection issue
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command...
Arbitrary Command Injection
Overview: mcp-server-semgrep is an MCP Server for Semgrep Integration - static code analysis with AI. Affected versions of this package are vulnerable to Arbitrary Command Injection via the analyze_results, filter_results, export_results, compare_results, scan_directory, or create_rule functions in the MC...
mcp-server-semgrep has a Command Injection issue
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command...
CVE-2026-7446
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command...
CVE-2026-7446 VetCoders mcp-server-semgrep MCP index.ts create_rule os command injection
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command...
EUVD-2026-26302
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command...
CVE-2026-7446
VetCoders mcp-server-semgrep version 1.0.0 is affected by CVE-2026-7446 in the MCP Interface. The vulnerability exists in the file src/index.ts (functions analyze_results, filter_results, export_results, compare_results, scan_directory, create_rule) where manipulation of the argument ID enables a...
PT-2026-36030
Name of the Vulnerable Software and Affected Versions: VetCoders mcp-server-semgrep version 1.0.0. Description: Remote OS command injection is possible within the MCP Interface component in the file src/index.ts. The issue occurs when the ID argument is manipulated, affecting the functions analyze...
MCP Server Semgrep Command Injection Vulnerability
MCP Server Semgrep is an AI assistant tool for integrated static code analysis, open-sourced by VetCoders. Version 1.0.0 of MCP Server Semgrep contains a command injection vulnerability. This vulnerability stems from the handling of parameter IDs in the...
GHSA-MJ87-HWQH-73PJ vulnerabilities
Vulnerabilities for packages: semgrep, kserve, airflow...
CVE-2026-40347 vulnerabilities
Vulnerabilities for packages: semgrep, kserve, airflow...
CVE-2026-32597 vulnerabilities
Vulnerabilities for packages: kserve, py3-cassandra-medusa, open-webui, superset, az, semgrep, airflow...
GHSA-752W-5FWX-JX9F vulnerabilities
Vulnerabilities for packages: kserve, py3-cassandra-medusa, open-webui, superset, az, semgrep, airflow...
CVE-2026-0994 vulnerabilities
Vulnerabilities for packages: kserve, tensorflow-cpu-jupyter, py3-cassandra-medusa, open-webui, mlflow, datadog-agent, mitmproxy, semgrep, py3-protobuf, kubeflow-katib, airflow...
GHSA-7GCM-G887-7QV7 vulnerabilities
Vulnerabilities for packages: kserve, tensorflow-cpu-jupyter, py3-cassandra-medusa, open-webui, mlflow, datadog-agent, mitmproxy, semgrep, py3-protobuf, kubeflow-katib, airflow...
CVE-2026-23949 vulnerabilities
Vulnerabilities for packages: kserve, py3-setuptools, py3-cassandra-medusa, tensorflow-cpu-jupyter, open-webui, emissary, superset, pypy-3.10, pypy-3.11, mlflow, datadog-agent, semgrep, kubeflow-jupyter-web-app, kubeflow-katib, dask-kubernetes, airflow...