Product
A command injection vulnerability (CVE-2026-7220) exists in jackwrichards FastlyMCP allowing remote attackers to execute arbitrary OS commands by manipulating the command argument in the fastly-mcp.mjs file.