{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5007", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-27T13:54:30.447Z", "datePublished": "2026-03-28T18:30:12.170Z", "dateUpdated": "2026-04-01T14:10:05.012Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-28T18:30:12.170Z"}, "title": "kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "kazuph", "product": "mcp-docs-rag", "versions": [{"version": "0.1", "status": "affected"}, {"version": "0.2", "status": "affected"}, {"version": "0.3", "status": "affected"}, {"version": "0.4", "status": "affected"}, {"version": "0.5.0", "status": "affected"}], "modules": ["add_git_repository/add_text_file"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation leads to os command injection. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-27T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-27T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-27T14:59:36.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yinci Chen (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/353892", "name": "VDB-353892 | kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/353892/cti", "name": "VDB-353892 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/779152", "name": "Submit #779152 | kazuph mcp-docs-rag <= 0.5.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/kazuph/mcp-docs-rag/issues/7", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/25822451/mcp-docs-rag_bug.pdf", "tags": ["exploit"]}, {"url": "https://github.com/kazuph/mcp-docs-rag/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T14:09:39.324412Z", "id": "CVE-2026-5007", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T14:10:05.012Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5007", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-27T13:54:30.447Z", "datePublished": "2026-03-28T18:30:12.170Z", "dateUpdated": "2026-04-01T14:10:05.012Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-28T18:30:12.170Z"}, "title": "kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "kazuph", "product": "mcp-docs-rag", "versions": [{"version": "0.1", "status": "affected"}, {"version": "0.2", "status": "affected"}, {"version": "0.3", "status": "affected"}, {"version": "0.4", "status": "affected"}, {"version": "0.5.0", "status": "affected"}], "modules": ["add_git_repository/add_text_file"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation leads to os command injection. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-27T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-27T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-27T14:59:36.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yinci Chen (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/353892", "name": "VDB-353892 | kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/353892/cti", "name": "VDB-353892 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/779152", "name": "Submit #779152 | kazuph mcp-docs-rag <= 0.5.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/kazuph/mcp-docs-rag/issues/7", "tags": ["issue-tracking"]}, {"url": "https://github.com/user-attachments/files/25822451/mcp-docs-rag_bug.pdf", "tags": ["exploit"]}, {"url": "https://github.com/kazuph/mcp-docs-rag/", "tags": ["product"]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5007", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T14:09:39.324412Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T14:09:58.726Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation leads to os command injection. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad en kazuph mcp-docs-rag hasta la versi\u00f3n 0.5.0. La funci\u00f3n afectada es cloneRepository del archivo src/index.ts del componente add_git_repository/add_text_file. La manipulaci\u00f3n conduce a la inyecci\u00f3n de comandos del sistema operativo. El ataque debe realizarse localmente. El exploit est\u00e1 disponible p\u00fablicamente y podr\u00eda ser utilizado. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de incidencias, pero a\u00fan no ha respondido."}], "id": "CVE-2026-5007", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-28T19:16:56.710", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/kazuph/mcp-docs-rag/"}, {"source": "cna@vuldb.com", "url": "https://github.com/kazuph/mcp-docs-rag/issues/7"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/25822451/mcp-docs-rag_bug.pdf"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/779152"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/353892"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/353892/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "0.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.5.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "mcp-docs-rag", "source": "cna", "vendor": "kazuph"}, "product": "mcp-docs-rag", "vendor": "kazuph"}], "analysis": {"en": {"generated_at": "2026-03-28T20:21:35.582811+00:00", "value": {"mitigation_remediation": ["Update mcp-docs-rag to a version newer than 0.5.0 once a fix is released.", "If no newer release is available, disable or remove the cloneRepository feature or restrict its use to trusted users only.", "Apply input validation or sanitize arguments to cloneRepository before passing them to os.exec.", "Keep an eye on the project\u2019s issue tracker and security advisories for any patch releases."], "summary": {"action": "Apply Patch", "impact": "Local Command Execution"}, "threat_synthesis": {"affected_systems": "The issue affects all releases of kazuph mcp-docs-rag up to and including version 0.5.0. The product is distributed under the name mcp-docs-rag by vendor kazuph. No specific patch versions were listed, so any deployment of the vulnerable code base prior to an unnoted fix must be considered affected.", "description_and_impact": "The vulnerability occurs in the cloneRepository function within src/index.ts of the add_git_repository/add_text_file component of the mcp-docs-rag project. An attacker can supply specially crafted input that is passed unsanitized to an operating\u2011system command, allowing them to execute arbitrary commands. Because the flaw resides in a local function, the attack requires local access to the system running the application, but the exploit code is publicly available and has already been demonstrated. Successful exploitation would give the attacker full read/write access to the file system and the ability to run any command as the user under which the application is running.", "risk_and_exploitability": "The CVSS score of 4.8 indicates a moderate severity, and the EPSS score is unavailable. The vulnerability is not listed in CISA's KEV catalog. Since the attack vector is local, an adversary must already have some form of access to the host, but once present the exploitation is straightforward thanks to the publicly available payload. Therefore, organizations should consider mitigation early, especially if the system is exposed to untrusted local users."}}}}, "created": "2026-03-29T20:32:04.520565+00:00", "updated": "2026-03-30T06:58:57.690010+00:00", "vendors": ["kazuph", "kazuph$PRODUCT$mcp-docs-rag"]}