CVE-2026-30861
Unauthenticated RCE in WeKnora MCP stdio Configuration
Publication date: 2026-03-07
Last updated on: 2026-03-09
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tencent | weknora | From 0.2.5 (inc) to 0.2.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2026-30861 is a critical unauthenticated remote code execution (RCE) vulnerability in the MCP stdio configuration validation of the WeKnora framework, affecting versions from 0.2.5 up to but not including 0.2.10.'}, {'type': 'paragraph', 'content': 'The vulnerability arises because the application allows unrestricted user registration, enabling any attacker to create an account and exploit a command injection flaw.'}, {'type': 'paragraph', 'content': 'Although the application attempts to whitelist allowed commands (only "npx" and "uvx") and blacklist dangerous arguments and environment variables, the validation can be bypassed using the "-p" flag with "npx node".'}, {'type': 'paragraph', 'content': "This bypass allows attackers to execute arbitrary JavaScript code and commands with the application's privileges, leading to complete system compromise."}, {'type': 'paragraph', 'content': 'The issue was patched in version 0.2.10 by disabling the stdio-based MCP server entirely.'}] [1]
How can this vulnerability impact me? :
This vulnerability allows unauthenticated attackers to execute arbitrary commands on the server with the full privileges of the application.
The impact includes complete server compromise, which can lead to data breaches, installation of malware, creation of backdoors, ransomware attacks, and lateral movement within the network.
Because the application allows unrestricted user registration without verification or rate limiting, any attacker can exploit this flaw remotely without prior access.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by reviewing logs for signs of exploitation since version 0.2.5, monitoring for suspicious MCP configurations, and checking for unauthorized file creation on the system.'}, {'type': 'list_item', 'content': 'Look for creation of unexpected files such as /tmp/pwned.txt or other suspicious files indicating arbitrary command execution.'}, {'type': 'list_item', 'content': "Check MCP service configurations for stdio_config commands using 'npx' with arguments containing the '-p' flag, which bypasses validation."}, {'type': 'list_item', 'content': 'Example command to find suspicious files: `ls -l /tmp/pwned.txt`'}, {'type': 'list_item', 'content': "Example command to search logs for suspicious MCP activity: `grep -i 'npx' /var/log/weknora/*.log` or relevant application logs."}] [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade WeKnora to version 0.2.10 or later, where the vulnerability has been patched by disabling the stdio-based MCP server.
Additionally, review your system and application logs for any signs of exploitation since version 0.2.5, monitor for suspicious MCP configurations, and check for unauthorized file creation.
If compromise is suspected, assume breach and take appropriate incident response actions.