CVE-2026-22785
Code Injection via Unvalidated Summary in orval MCP Server
Publication date: 2026-01-12
Last updated on: 2026-02-26
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| orval | orval | to 7.18.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a code injection issue in the MCP server generation logic of the Orval package (version 7.17.2 and earlier). It occurs because the 'summary' field from an OpenAPI specification is incorporated into generated code without proper validation or escaping. An attacker can craft a malicious 'summary' field that breaks out of the intended string literal and injects arbitrary code, which then gets executed during code generation. [2]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on your system during the code generation process with Orval. For example, malicious commands embedded in the 'summary' field of an OpenAPI specification could run system commands, potentially leading to unauthorized actions such as running unwanted applications or compromising system integrity. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting OpenAPI specification files (YAML or JSON) used with Orval, specifically checking the 'summary' fields for suspicious or malicious code injections. Since the vulnerability involves code injection via the 'summary' field, you can search for suspicious patterns or code snippets in these files before processing them with Orval. There are no specific network detection commands provided. A suggested command to detect suspicious 'summary' fields in OpenAPI files could be: grep -r "summary:" path/to/openapi/specs | grep -E "\+ require\(|execSync|child_process" to find potentially malicious code injections in the summary fields. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading the @orval/mcp package to version 7.18.0 or later, where the vulnerability is fixed by properly escaping strings in the MCP server generation logic. Additionally, manually inspect and sanitize your OpenAPI YAML/JSON specification files to ensure that the 'summary' fields do not contain malicious code before processing them with Orval. Avoid using untrusted OpenAPI specifications until the package is updated. [1, 2]