CVE-2026-7446
Status: Received - Intake
Command Injection in VetCoders mcp-server-semgrep

Publication date: 2026-04-30

Last updated on: 2026-04-30

Assigner: VulDB

Description
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. It affects the functions analyze_results, filter_results, export_results, compare_results, scan_directory and create_rule in the file src/index.ts of the component MCP Interface. Manipulation of the argument ID results in OS command injection. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 1.0.1 mitigates this issue. The patch is identified as 141335da044e53c3f5b315e0386e01238405b771. It is advisable to upgrade the affected component.
Meta Information
Published: 2026-04-30
Last Modified: 2026-04-30
Generated: 2026-05-06
AI Q&A: 2026-04-30
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (2 associated CPEs)
Vendor      Product              Version / Range
vetcoders   mcp-server-semgrep   1.0.0
vetcoders   mcp-server-semgrep   1.0.1
CWE ID   Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in VetCoders mcp-server-semgrep version 1.0.0, specifically in the MCP Interface component within the file src/index.ts. It affects several functions including analyze_results, filter_results, export_results, compare_results, scan_directory, and create_rule. The issue arises from improper handling of the argument ID, which allows an attacker to perform OS command injection. This means that an attacker can remotely execute arbitrary operating system commands on the affected system.

The vulnerability is remotely exploitable and the exploit code is publicly available. Upgrading to version 1.0.1 mitigates this issue.


How can this vulnerability impact me?

This vulnerability can have serious impacts as it allows remote attackers to execute arbitrary operating system commands on the affected system. This can lead to unauthorized access, data theft, data manipulation, disruption of services, or complete system compromise depending on the privileges of the exploited process.


What immediate steps should I take to mitigate this vulnerability?

The immediate step to mitigate this vulnerability is to upgrade the affected VetCoders mcp-server-semgrep component from version 1.0.0 to version 1.0.1.

This upgrade includes a patch identified as 141335da044e53c3f5b315e0386e01238405b771 that addresses the OS command injection vulnerability.

It is advisable to apply this upgrade as soon as possible to prevent remote exploitation.


Can you explain this vulnerability to me?

CVE-2026-7446 is an OS command injection vulnerability found in VetCoders mcp-server-semgrep version 1.0.0. It affects multiple functions in the MCP Interface component, including analyze_results, filter_results, export_results, compare_results, scan_directory, and create_rule within the src/index.ts file.

The vulnerability arises because user-controlled inputs, such as the argument ID, are unsafely incorporated into shell command strings executed via child_process.exec without proper sanitization. This allows an attacker with network access to inject arbitrary shell commands remotely.

Exploitation can lead to arbitrary code execution on the server with the privileges of the MCP process. The issue was fixed by replacing unsafe shell command executions with safer alternatives, adding strict input validation, and mitigating injection vectors.


How can this vulnerability impact me?

This vulnerability can have severe impacts including full host compromise. An attacker can execute arbitrary operating system commands remotely, potentially leading to data exposure, loss of data integrity, and disruption of services.

Because the exploit allows execution with the server process privileges, it can be used to manipulate or steal sensitive information, disrupt normal operations, or further penetrate the network.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

The vulnerability involves OS command injection through user-controlled arguments in multiple functions of the mcp-server-semgrep 1.0.0 component. Detection can involve monitoring for suspicious shell metacharacters or unusual command execution patterns in the MCP interface logs.

A proof of concept demonstrated exploitation by injecting commands like 'id' into the analyze_results tool, indicating that testing with crafted inputs containing shell metacharacters (such as semicolons or hash symbols) in arguments to functions like analyze_results, filter_results, export_results, compare_results, scan_directory, or create_rule could reveal the vulnerability.

Since the vulnerable functions use child_process.exec() unsafely, commands to test might include sending requests or inputs to these functions with payloads like '; id' or '# id' appended to arguments to observe if arbitrary commands execute.

However, no specific detection commands are provided in the resources.


What immediate steps should I take to mitigate this vulnerability?

The immediate and recommended mitigation step is to upgrade the mcp-server-semgrep component from version 1.0.0 to version 1.0.1, which contains the patch for this vulnerability.

The patch replaces unsafe child_process.exec() calls with safer child_process.execFile(), replaces shell-based file operations with direct filesystem operations, and implements input validation to reject dangerous shell metacharacters.

Additional security hardening includes strict allowlists for rule creation fields, escaping YAML injection vectors, redacting sensitive tokens in logs, and limiting buffer sizes for command outputs.

Applying this update will prevent remote OS command injection and protect the system from arbitrary code execution.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows remote OS command injection, which can lead to full host compromise including data exposure, integrity loss, and service disruption.

Such impacts can affect compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

However, the provided information does not explicitly discuss compliance implications or specific regulatory impacts.

