Lucene search

15 matches found

RedhatCVE
added 2026/06/05 7:31 p.m., 5 views

CVE-2026-6130

A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to os command...

CVSS 7.5 | AI score 6.8 | EPSS 0.01368
Exploits: 0 | References: 1

GithubExploit
added 2026/04/27 1:58 a.m., 96 views

mcp-stdio-exploit

MCP STDIO Exploit: A Local Reimplementation Vulnerability...

AI score 6.4
Exploits: 0

OSV
added 2026/04/25 11:27 p.m., 49 views

GHSA-V4P8-MG3P-G94G LiteLLM: Authenticated command execution via MCP stdio test endpoints

Impact: Two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio...

CVSS 8.8 | AI score 6 | EPSS 0.53701
Exploits: 1 | References: 5

Positive Technologies
added 2026/04/25 12:0 a.m., 6 views

PT-2026-37190

Name of the Vulnerable Software and Affected Versions: n8n-mcp versions prior to 2.47.13. Description: When running in HTTP transport mode, authenticated tools/call requests have their full arguments and JSON-RPC parameters written to server logs by the request dispatcher and related code paths befo...

CVSS 4.3 | AI score 5.9 | EPSS 0.0025
Exploits: 0 | References: 12

EUVD
added 2026/04/13 12:30 a.m., 6 views

EUVD-2026-21746

A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to os command...

CVSS 7.5 | AI score 5.5 | EPSS 0.01368
Exploits: 0 | References: 7

Cvelist
added 2026/04/12 10:0 p.m., 23 views

CVE-2026-6130 chatboxai chatbox Model Context Protocol Server Management System ipc-stdio-transport.ts StdioClientTransport os command injection

A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to os command...

CVSS 7.5 | EPSS 0.01368
Exploits: 0 | References: 6

ATTACKERKB
added 2026/04/12 10:0 p.m., 3 views

CVE-2026-6130

A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server Management System. Executing a manipulation of the argument args/env can lead to os command...

CVSS 7.5 | AI score 5.5 | EPSS 0.01368
Exploits: 0 | References: 6 | Affected Software: 1

CVE
added 2026/04/12 10:0 p.m., 11 views

CVE-2026-6130

CVE-2026-6130 affects chatboxai up to version 1.20.0, impacting the StdioClientTransport function in src/main/mcp/ipc-stdio-transport.ts within the Model Context Protocol Server Management System. The root cause is a flaw where manipulating the argument list (args/env) enables os command injectio...

CVSS 7.5 | AI score 6.7 | EPSS 0.01368
Exploits: 0 | References: 6

CNNVD
added 2026/04/12 12:0 a.m., 2 views

Chatbox operating system command injection vulnerability

Chatbox is a chat software developed by Shafqat Hasan. Versions of Chatbox 1.20.0 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from incorrect handling of the parameters args and env in the file src/main/mcp/ipc-stdio-transport.ts,...

CVSS 7.5 | AI score 7.1 | EPSS 0.01368
Exploits: 0 | References: 6

GithubExploit
added 2026/03/04 1:40 a.m., 474 views

metasploit-mcp

metasploit-mcp Metasploit Framework MCP server for exploit ex...

AI score 6.2
Exploits: 0

CVE
added 2026/01/12 6:1 p.m., 20 views

CVE-2026-22252

LibreChat MCP stdio transport before v0.8.2-rc2 accepts arbitrary shell commands via a single API request, allowing authenticated users to execute commands as root inside the container. Affected component: LibreChat MCP stdio transport. Root cause: lack of input validation in the stdio transport ...

CVSS 9.9 | AI score 6.9 | EPSS 0.03678
Exploits: 4 | References: 2 | Affected Software: 1

Cvelist
added 2026/01/12 6:1 p.m., 18 views

CVE-2026-22252 LibreChat MCP Stdio Remote Command Execution

LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the container through a single API request. This vulnerability is fix...

CVSS 9.1 | EPSS 0.03678
Exploits: 4 | References: 2

Packet Storm
added 2026/01/12 12:0 a.m., 201 views

LibreChat MCP Remote Command Execution

LibreChat's Model Context Protocol MCP implementation contained a remote command execution vulnerability that allowed any authenticated user to execute commands as root on the Docker container. A single API request could trigger the exploit by taking advantage of the exposure of the stdio transpo...

CVSS 9.9 | AI score 7.5 | EPSS 0.03678
Exploits: 4

OSV
added 2025/12/02 4:51 p.m., 10 views

GHSA-W48Q-CV73-MX4W Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default

The Model Context Protocol MCP TypeScript SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with StreamableHTTPServerTransport or SSEServerTransport and has not enabled...

CVSS 7.6 | AI score 6.8 | EPSS 0.00445
Exploits: 0 | References: 6

Snyk
added 2025/09/29 4:28 p.m., 2 views

DNS Rebinding

Overview: Affected versions of this package are vulnerable to DNS Rebinding due to insufficient validation of the Host and Origin headers. An attacker can gain unauthorized access to sensitive data by luring a victim to a malicious website, enabling the attacker to read information from the report...

CVSS 3.1 | AI score 6.6 | EPSS 0.00371
Exploits: 0 | References: 2