CVE-2026-2130
Command Injection in mcp-maigret search_username Component
Publication date: 2026-02-08
Last updated on: 2026-03-05
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| burtthecoder | maigret_mcp_server | to 1.0.12 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-2130 is a command injection vulnerability in the mcp-maigret project, specifically in the search_username component. The vulnerability arises because the username parameter is passed directly to a shell-executed command using Node.js's exec() function, which allows an attacker to inject arbitrary commands by manipulating the username input."}, {'type': 'paragraph', 'content': 'The issue is caused by insufficient input validation and unsafe command execution methods that interpret user input as shell commands. This enables remote attackers to execute arbitrary commands on the affected system.'}, {'type': 'paragraph', 'content': 'The vulnerability was fixed by replacing exec() with execFile(), which executes commands without shell interpretation, and by implementing strict input validation rules restricting usernames to alphanumeric characters, underscores, hyphens, and periods with a maximum length of 100 characters. Additional validation and sanitization were applied to URLs, tags, and filenames to prevent injection.'}] [1, 4, 6, 7]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to remotely execute arbitrary commands on the system running the vulnerable version of mcp-maigret. This can lead to unauthorized access, data compromise, system manipulation, or disruption of service.
- Compromise of system confidentiality, integrity, and availability.
- Potential unauthorized access to sensitive data or system resources.
- Execution of malicious commands that could disrupt or damage the system.
The vulnerability is exploitable remotely without user interaction and requires no authentication, increasing the risk and ease of exploitation.
Upgrading to version 1.0.13 mitigates these risks by applying input validation and safer command execution methods.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for suspicious or malformed inputs to the search_username component, especially inputs to the Username argument that contain shell metacharacters or unexpected characters.
Since the vulnerability is a command injection via the Username parameter, one way to detect exploitation attempts is to look for unusual command executions or logs showing shell commands with injected payloads.
No explicit detection commands are provided in the resources, but general approaches include:
- Monitoring logs for errors or messages indicating invalid usernames or command execution failures.
- Using network monitoring tools to detect unusual outbound command executions or network connections initiated by the vulnerable service.
- Manually testing the search_username API or interface with inputs containing shell metacharacters (e.g., `;`, `&`, `|`) to see if command injection occurs (only in a safe test environment).
Because the vulnerability was fixed by replacing unsafe exec() calls with execFile() and adding strict input validation, checking the version of the software is also a key detection step.
What immediate steps should I take to mitigate this vulnerability?
The primary and recommended mitigation step is to upgrade the affected component mcp-maigret to version 1.0.13 or later, which contains the patch that fixes this vulnerability.
The patch includes multiple security improvements such as:
- Replacing the use of Node.js exec() with execFile() to avoid shell command injection.
- Implementing strict input validation for usernames, URLs, and tags to allow only safe characters and limit input length.
- Executing Docker commands with argument arrays instead of concatenated strings to prevent injection.
- Sanitizing filenames derived from user inputs.
Additionally, it is advisable to review and validate environment variables such as MAIGRET_REPORTS_DIR to ensure they do not contain malicious content.
If upgrading immediately is not possible, restrict access to the vulnerable service to trusted users and monitor for suspicious activity.