Tag
The Cortex MCP server (`neuro-cortex-memory`) is vulnerable to local arbitrary code execution (CVE-2026-49986) when a user opens an attacker-controlled project in the Claude Code IDE and invokes the `open_visualization` tool, allowing an attacker to execute arbitrary Python code with the victim's local user privileges by manipulating the `CLAUDE_PROJECT_DIR` environment variable.