CVE-2026-25905
Awaiting Analysis Awaiting Analysis - Queue
Code Injection in mcp-run-python Allows MCP Server Hijacking

Publication date: 2026-02-09

Last updated on: 2026-02-09

Assigner: JFrog

Description
The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use the Pyodide APIs to modify the JS environment. This may result in an attacker hijacking the MCP server - for malicious purposes including MCP tool shadowing. Note - the "mcp-run-python" project is archived and unlikely to receive a fix.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-09
Last Modified
2026-02-09
Generated
2026-06-16
AI Q&A
2026-02-09
EPSS Evaluated
2026-06-15
NVD
CVE-2026-25905
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
jfrog mcp-run-python *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-653 The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs because the Python code executed by the functions 'runPython' or 'runPythonAsync' is not isolated from the JavaScript environment. As a result, any Python code can access and use the Pyodide APIs to modify the JavaScript environment.

This lack of isolation allows an attacker to potentially hijack the MCP server, which could be used for malicious purposes such as MCP tool shadowing.

It is important to note that the affected project, 'mcp-run-python', is archived and unlikely to receive a fix.

Impact Analysis

The vulnerability can allow an attacker to hijack the MCP server by exploiting the ability to run Python code that modifies the JavaScript environment.

Such hijacking can lead to malicious activities including MCP tool shadowing, which may compromise the integrity and security of the server and its operations.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25905. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart