Duplicate Advisory: OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mj59-h3q9-ghfh. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server...

GHSA-P3M6-JR2H-HHXJ Duplicate Advisory: OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mj59-h3q9-ghfh. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server...

CVE-2026-44995

OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious workspace configurations can pass dangerous startup variables like NODEOPTIONS, LDPRELOAD, or BASHENV to spawne...

OpenClaw: MCP stdio server env could load dangerous startup variables from workspace config

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact Workspace MCP stdio configuration could pass dangerous process-startup environment variables such as NODEOPTIONS, LDPRELOAD, or BASHENV to the spawned MCP server process. In a...

CVE-2026-40933

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can add an MCP stdio server with an arbitrary command, achieving command execution. The vulnerabilit...

CVE-2026-30625

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands npm, npx accept argument flags that enable...

LangChain-Chatchat 安全漏洞

LangChain-Chatchat is a chatbot software developed based on the LangChain framework, open-sourced by Chatchat-Space. Version 0.3.1 of LangChain-Chatchat contains a security vulnerability. This vulnerability stems from improper configuration and execution of the MCP STDIO server, which may allow...

Command Injection

Overview @akoskm/create-mcp-server-stdio is a MCP Server Starter kit using the StdioServerTransport Affected versions of this package are vulnerable to Command Injection via the which-app-on-port tool, which executes exec on user input. An attacker can execute arbitrary commands on the host syste...

vul-37

AgentUniverse MCP Command Injection Vulnerability Report S...

The vulnerability of the Mercurial version control software lies in its lack of access control mechanisms, allowing attackers to execute arbitrary code.

The vulnerability of the Mercurial version control software is related to deficiencies in access control using the command-line parameter “hg serve --stdio”. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a Python debugger, by replacing the...