{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4198", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-15T08:29:28.279Z", "datePublished": "2026-03-15T23:32:19.764Z", "dateUpdated": "2026-03-16T20:08:37.689Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-15T23:32:19.764Z"}, "title": "hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "hypermodel-labs", "product": "mcp-server-auto-commit", "versions": [{"version": "1.0.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: f7d992c830c5f2ec5749852e66c0195e3ed7fe30. Applying a patch is the recommended action to fix this issue. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:C"}}], "timeline": [{"time": "2026-03-15T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-15T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-15T09:37:06.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yinci Chen (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.351110", "name": "VDB-351110 | hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351110", "name": "VDB-351110 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.770421", "name": "Submit #770421 | hypermodel-labs mcp-server-auto-commit <=0.0.1 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/issues/7", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/user-attachments/files/25687034/mcp-server-auto-commit_security_advisory.pdf", "tags": ["exploit", "patch"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/pull/8/changes/f7d992c830c5f2ec5749852e66c0195e3ed7fe30", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/", "tags": ["patch", "product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T20:08:22.047751Z", "id": "CVE-2026-4198", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T20:08:37.689Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4198", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T20:08:22.047751Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T20:08:32.601Z"}}], "cna": {"title": "hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection", "credits": [{"lang": "en", "type": "reporter", "value": "Yinci Chen (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:TF/RC:C"}}], "affected": [{"vendor": "hypermodel-labs", "product": "mcp-server-auto-commit", "versions": [{"status": "affected", "version": "1.0.0"}]}], "timeline": [{"lang": "en", "time": "2026-03-15T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-15T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-15T09:37:06.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.351110", "name": "VDB-351110 | hypermodel-labs mcp-server-auto-commit index.ts getGitChanges command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351110", "name": "VDB-351110 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.770421", "name": "Submit #770421 | hypermodel-labs mcp-server-auto-commit <=0.0.1 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/issues/7", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/user-attachments/files/25687034/mcp-server-auto-commit_security_advisory.pdf", "tags": ["exploit", "patch"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/pull/8/changes/f7d992c830c5f2ec5749852e66c0195e3ed7fe30", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/", "tags": ["patch", "product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: f7d992c830c5f2ec5749852e66c0195e3ed7fe30. Applying a patch is the recommended action to fix this issue. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-15T23:32:19.764Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4198", "state": "PUBLISHED", "dateUpdated": "2026-03-16T20:08:37.689Z", "dateReserved": "2026-03-15T08:29:28.279Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-15T23:32:19.764Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: f7d992c830c5f2ec5749852e66c0195e3ed7fe30. Applying a patch is the recommended action to fix this issue. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Se determin\u00f3 una vulnerabilidad en hypermodel-labs mcp-server-auto-commit 1.0.0. Afectada por esta vulnerabilidad es la funci\u00f3n getGitChanges del archivo index.ts. Esta manipulaci\u00f3n causa inyecci\u00f3n de comandos. El ataque solo puede ser ejecutado localmente. El exploit ha sido divulgado p\u00fablicamente y puede ser utilizado. Nombre del parche: f7d992c830c5f2ec5749852e66c0195e3ed7fe30. Aplicar un parche es la acci\u00f3n recomendada para solucionar este problema. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de problemas pero a\u00fan no ha respondido."}], "id": "CVE-2026-4198", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-16T14:20:04.360", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/"}, {"source": "cna@vuldb.com", "url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/issues/7"}, {"source": "cna@vuldb.com", "url": "https://github.com/hypermodel-labs/mcp-server-auto-commit/pull/8/changes/f7d992c830c5f2ec5749852e66c0195e3ed7fe30"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/25687034/mcp-server-auto-commit_security_advisory.pdf"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.351110"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.351110"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.770421"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.0.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "mcp-server-auto-commit", "source": "cna", "vendor": "hypermodel-labs"}, "product": "mcp-server-auto-commit", "vendor": "hypermodel-labs"}], "analysis": {"en": {"generated_at": "2026-03-16T22:58:32.410228+00:00", "value": {"mitigation_remediation": ["Apply the patch commit f7d992c830c5f2ec5749852e66c0195e3ed7fe30 that fixes the command injection bug.", "Verify that the mcp\u2011server\u2011auto\u2011commit service is running with the patched code and that getGitChanges is not exposed to untrusted users.", "Restrict local user access to the machine or container running the service to trusted personnel.", "Monitor logs for suspicious command execution attempts."], "summary": {"action": "Patch Now", "impact": "Local Command Execution"}, "threat_synthesis": {"affected_systems": "The issue affects version 1.0.0 of hypermodel\u2011labs mcp-server-auto-commit. No other versions are publicly identified as vulnerable, but users of this exact release should verify their deployment. The product is provided by hypermodel\u2011labs under the product name mcp-server-auto-commit.", "description_and_impact": "The vulnerability involves a command injection flaw in the getGitChanges function of hypermodel\u2011labs mcp-server-auto-commit. An attacker with local access can supply crafted input that is passed unsanitized to the operating system, allowing arbitrary command execution. This can lead to local privilege escalation or compromise of the system executing the service. The weakness is categorized as CWE\u201174 and CWE\u201177.", "risk_and_exploitability": "The CVSS score for this flaw is 4.8, indicating low\u2011to\u2011medium severity, and the EPSS score is less than 1\u202f%, suggesting a low probability of exploitation in the wild. It is not listed in the CISA KEV catalog. The attack can only be performed locally; remote exploitation is not feasible according to the description. The overall risk is considered moderate, but any credentials that have local access to the environment could be abused if the patch is not applied."}}}}, "created": "2026-03-17T09:55:37.396739+00:00", "updated": "2026-03-23T14:01:05.920336+00:00", "vendors": ["hypermodel-labs", "hypermodel-labs$PRODUCT$mcp-server-auto-commit"]}