{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4199", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-15T08:32:38.885Z", "datePublished": "2026-03-16T00:02:10.776Z", "dateUpdated": "2026-03-16T20:07:05.441Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-16T00:02:10.776Z"}, "title": "bazinga012 mcp_code_executor index.ts installDependencies command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "bazinga012", "product": "mcp_code_executor", "versions": [{"version": "0.1", "status": "affected"}, {"version": "0.2", "status": "affected"}, {"version": "0.3.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit is publicly available and might be used. It is best practice to apply a patch to resolve this issue. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-03-15T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-15T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-15T09:37:42.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yinci Chen (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.351111", "name": "VDB-351111 | bazinga012 mcp_code_executor index.ts installDependencies command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351111", "name": "VDB-351111 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.770424", "name": "Submit #770424 | bazinga012 mcp_code_executor <=0.3.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/issues/17", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/25931133/mcp_code_executor_security_advisory.pdf", "tags": ["exploit"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/pull/18/commits/a94ec2fea318597646ba1c44d8e44eb1c9196d20", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T20:06:35.739123Z", "id": "CVE-2026-4199", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T20:07:05.441Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4199", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T20:06:35.739123Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T20:06:54.476Z"}}], "cna": {"title": "bazinga012 mcp_code_executor index.ts installDependencies command injection", "credits": [{"lang": "en", "type": "reporter", "value": "Yinci Chen (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "bazinga012", "product": "mcp_code_executor", "versions": [{"status": "affected", "version": "0.1"}, {"status": "affected", "version": "0.2"}, {"status": "affected", "version": "0.3.0"}]}], "timeline": [{"lang": "en", "time": "2026-03-15T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-15T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-15T09:37:42.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.351111", "name": "VDB-351111 | bazinga012 mcp_code_executor index.ts installDependencies command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.351111", "name": "VDB-351111 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.770424", "name": "Submit #770424 | bazinga012 mcp_code_executor <=0.3.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/issues/17", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/25931133/mcp_code_executor_security_advisory.pdf", "tags": ["exploit"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/pull/18/commits/a94ec2fea318597646ba1c44d8e44eb1c9196d20", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/bazinga012/mcp_code_executor/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit is publicly available and might be used. It is best practice to apply a patch to resolve this issue. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-16T00:02:10.776Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4199", "state": "PUBLISHED", "dateUpdated": "2026-03-16T20:07:05.441Z", "dateReserved": "2026-03-15T08:32:38.885Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-16T00:02:10.776Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in bazinga012 mcp_code_executor up to 0.3.0. Affected by this issue is the function installDependencies of the file src/index.ts. Such manipulation leads to command injection. The attack can only be performed from a local environment. The exploit is publicly available and might be used. It is best practice to apply a patch to resolve this issue. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Una vulnerabilidad fue identificada en bazinga012 mcp_code_executor hasta la versi\u00f3n 0.3.0. La funci\u00f3n installDependencies del archivo src/index.ts se ve afectada por este problema. Dicha manipulaci\u00f3n conduce a inyecci\u00f3n de comandos. El ataque solo puede realizarse desde un entorno local. El exploit est\u00e1 disponible p\u00fablicamente y podr\u00eda ser utilizado. Es una buena pr\u00e1ctica aplicar un parche para resolver este problema. El proyecto fue informado del problema con antelaci\u00f3n a trav\u00e9s de un informe de incidencias, pero a\u00fan no ha respondido."}], "id": "CVE-2026-4199", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-16T14:20:04.617", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/bazinga012/mcp_code_executor/"}, {"source": "cna@vuldb.com", "url": "https://github.com/bazinga012/mcp_code_executor/issues/17"}, {"source": "cna@vuldb.com", "url": "https://github.com/bazinga012/mcp_code_executor/pull/18/commits/a94ec2fea318597646ba1c44d8e44eb1c9196d20"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/25931133/mcp_code_executor_security_advisory.pdf"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.351111"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.351111"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.770424"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.3.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "mcp_code_executor", "source": "cna", "vendor": "bazinga012"}, "product": "mcp_code_executor", "vendor": "bazinga012"}], "analysis": {"en": {"generated_at": "2026-03-17T00:35:24.543188+00:00", "value": {"mitigation_remediation": ["Check the project repository for an updated release that addresses the command injection issue and upgrade to a version newer than 0.3.0.", "If no patch is available, disable or remove the installDependencies function from the code base to eliminate the injection vector.", "Sanitize all input passed to installDependencies or replace the shell invocation with a safer API such as child_process.execFile.", "Run the application with the least privilege possible or within a container to limit the impact of a potential injection.", "Monitor the GitHub issue tracker and any security advisory PDFs for updates or new patches."], "summary": {"action": "Patch", "impact": "Command Injection"}, "threat_synthesis": {"affected_systems": "The package bazinga012:mcp_code_executor is vulnerable in all releases up to and including version 0.3.0. Any installation of the software on a local machine that has not been updated beyond this version remains at risk.", "description_and_impact": "The affected function, installDependencies in src/index.ts, builds shell commands from user provided arguments without proper validation. This flaw allows an attacker with local access to execute arbitrary commands on the host. The vulnerability is classified in the Common Weakness Enumeration as CWE\u201174 (Improper Neutralization of Special Elements) and CWE\u201177 (Improper Neutralization of Command Injection).", "risk_and_exploitability": "The CVSS score of 4.8 indicates moderate severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Exploitation is possible only from a local environment, but the attack code is available publicly on the project\u2019s GitHub repository, meaning an attacker who gains local foothold could leverage it to elevate privileges or compromise the system."}}}}, "created": "2026-03-17T09:55:24.633071+00:00", "updated": "2026-03-23T14:00:51.819257+00:00", "vendors": ["bazinga012", "bazinga012$PRODUCT$mcp_code_executor"]}