CVE-2026-7628
Command Injection in crazyrabbitLTC mcp-code-review-server
Publication date: 2026-05-02
Last updated on: 2026-05-05
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| crazyrabbitltc | mcp-code-review-server | to 0.1.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-7628 is a command injection vulnerability in the crazyrabbitLTC mcp-code-review-server up to version 0.1.0. It affects the executeRepomix function in the src/repomix.ts file of the RepoMix Command Handler component. The vulnerability arises because the server uses the Node.js exec() function to run shell commands with unsanitized user input, specifically from parameters like specificFiles and repoPath.
Attackers can inject malicious shell commands by including shell meta-characters (such as ;, &, or |) in these parameters, which the server then executes. This allows remote attackers to execute arbitrary commands on the server hosting the application.
The issue was reported with a proof-of-concept demonstrating how an attacker could, for example, run commands like whoami and write outputs to files by injecting them into the specificFiles parameter.
How can this vulnerability impact me? :
This vulnerability can have serious impacts because it allows remote attackers to execute arbitrary commands on the affected server.
- Attackers could gain unauthorized access to sensitive data stored on the server.
- They could modify or delete files, potentially disrupting service or corrupting data.
- The attacker might escalate privileges depending on the server's configuration, leading to full control over the host environment.
- Such control could be used to pivot to other systems within the network, increasing the scope of compromise.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the mcp-code-review-server is executing shell commands using the exec() function with unsanitized user input, specifically in the parameters like specificFiles or repoPath.
One way to detect exploitation attempts is to monitor for unusual command executions or unexpected files created by injected commands, such as files created by commands like whoami > poc.txt.
You can also look for suspicious usage patterns or command injection attempts in logs or by running tests with crafted inputs containing shell meta-characters like ;, &, or |.
- Use network monitoring tools to detect unusual outbound commands or connections initiated by the server.
- Run a test command against the vulnerable parameter, for example, invoking the analyze_repo tool with a parameter like 'package.json&whoami > poc.txt' and then checking if the file poc.txt is created with the output of whoami.
- Check the source code or running processes to see if exec() is used with unsanitized input.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the use of child_process.exec with child_process.execFile to avoid shell interpretation of user inputs.
Implement strict input validation and sanitization on all user-supplied parameters, especially those used in command execution like specificFiles and repoPath.
Avoid concatenating user input directly into shell command strings; instead, pass inputs as separate arguments to execFile or similar safe APIs.
Remove any shell-based output chaining (e.g., using && cat) to prevent command injection through shell operators.
Apply any available patches or pull requests that address this issue, such as the one replacing exec() with execFile and standardizing output handling.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows remote command injection on the mcp-code-review-server, potentially enabling attackers to execute arbitrary commands on the server.
Such unauthorized command execution could lead to unauthorized access, modification, or disclosure of sensitive data hosted or processed by the server.
This risk of data compromise may impact compliance with data protection regulations and standards such as GDPR and HIPAA, which require safeguarding sensitive information against unauthorized access and ensuring system integrity.
However, the provided information does not explicitly discuss compliance impacts or specific regulatory considerations.