Product
high
advisory
54yyyu code-mcp Command Injection Vulnerability (CVE-2026-7812)
2 rules 1 TTP 1 CVEA command injection vulnerability (CVE-2026-7812) exists in the git_operation function of 54yyyu code-mcp's MCP Tool, allowing remote attackers to execute arbitrary commands by manipulating the operation argument.
code-mcp
command-injection
web-application
cve-2026-7812
2r
1t
1c
high
advisory
54yyyu code-mcp Path Traversal Vulnerability (CVE-2026-7811)
2 rules 1 TTP 1 CVEA path traversal vulnerability exists in the is_safe_path function of the MCP File Handler component in 54yyyu code-mcp, allowing remote attackers to access sensitive files.
code-mcp
path-traversal
web-application
CVE-2026-7811
2r
1t
1c