Cyber Posture

CVE-2026-2008

Severity: Medium · Public PoC

Published: 06 February 2026
Modified: 17 February 2026
KEV Added: not listed
Patch: none documented
CVSS Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0010 (27.2nd percentile)
Risk Priority: 13 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-2008 is a medium-severity Injection (CWE-74) vulnerability in Abhiphile Fermat. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 27.2nd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation · prevent
Directly prevents code injection by requiring validation and sanitization of the untrusted 'equations' input argument in eqn_chart.py.

SI-2 Flaw Remediation · prevent
Mandates timely remediation of the known code injection flaw, addressing the lack of patches in the rolling release model.

detect
Enables monitoring for anomalous behavior indicative of code injection exploitation, given the public exploit availability.
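The page does not show fermat-mcp's own eqn_chart code, so the following is an added example, not the project's code, of what the SI-10 control above means in practice for an `equations`-style argument: the untrusted string is parsed with Python's `ast` module, every node is checked against an allow-list of arithmetic syntax, one variable `x`, and a handful of math functions, and only then is it evaluated by a small interpreter that never calls `eval()`/`exec()`. The function names (`parse_equation`, `evaluate`, `safe_eval_equation`, `is_valid_equation`), the allow-lists and the size limits are all assumptions made for this illustration.

```python
"""Allow-list validation of user-supplied equation strings (SI-10 pattern).

Assumed example, not fermat-mcp's code: a tool receives an `equations`
argument as free text and must never hand it to eval()/exec().  Instead,
parse it with `ast`, accept only a fixed set of node types and names,
and evaluate the tree with a tiny interpreter over that subset.
"""
import ast
import math
import operator

# Operators we are willing to evaluate (anything else is rejected).
_BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
            ast.Div: operator.truediv, ast.Pow: operator.pow, ast.Mod: operator.mod}
_UNARY_OPS = {ast.UAdd: operator.pos, ast.USub: operator.neg}

# Names an equation may reference: one free variable `x`, a few math functions,
# and two constants.  These sets are assumptions for the example.
_FUNCS = {"sin": math.sin, "cos": math.cos, "exp": math.exp,
          "sqrt": math.sqrt, "log": math.log}
_CONSTS = {"pi": math.pi, "e": math.e}

MAX_LEN = 200   # reject absurdly long input before parsing it
MAX_POW = 64    # cap exponents so `2**10000**10000` cannot exhaust CPU/memory


class EquationError(ValueError):
    """Raised for any input that is not a plain arithmetic expression in x."""


def parse_equation(text: str) -> ast.Expression:
    """Parse `text` and verify every node is on the allow-list."""
    if not isinstance(text, str) or len(text) > MAX_LEN:
        raise EquationError("equation missing or too long")
    try:
        tree = ast.parse(text, mode="eval")
    except (SyntaxError, ValueError) as exc:   # ValueError: null bytes in source
        raise EquationError(f"not an expression: {exc}") from None
    for node in ast.walk(tree):
        # Structural nodes that carry no semantics of their own.
        if isinstance(node, (ast.Expression, ast.operator, ast.unaryop, ast.expr_context)):
            continue
        if isinstance(node, ast.Constant):
            if isinstance(node.value, bool) or not isinstance(node.value, (int, float)):
                raise EquationError("only numeric literals are allowed")
        elif isinstance(node, ast.BinOp):
            if type(node.op) not in _BIN_OPS:
                raise EquationError("binary operator not allowed")
        elif isinstance(node, ast.UnaryOp):
            if type(node.op) not in _UNARY_OPS:
                raise EquationError("unary operator not allowed")
        elif isinstance(node, ast.Name):
            if node.id != "x" and node.id not in _FUNCS and node.id not in _CONSTS:
                raise EquationError(f"unknown name {node.id!r}")
        elif isinstance(node, ast.Call):
            if (not isinstance(node.func, ast.Name) or node.func.id not in _FUNCS
                    or node.keywords):
                raise EquationError("only allow-listed function calls are permitted")
        else:
            # Attribute access, subscripts, lambdas, comprehensions, comparisons...
            raise EquationError(f"disallowed syntax: {type(node).__name__}")
    return tree


def evaluate(tree: ast.Expression, x: float) -> float:
    """Interpret an already-validated tree; no Python evaluation is involved."""
    def ev(node):
        if isinstance(node, ast.Constant):
            return float(node.value)
        if isinstance(node, ast.Name):
            if node.id == "x":
                return x
            if node.id in _CONSTS:
                return _CONSTS[node.id]
            raise EquationError(f"bare function name {node.id!r}")
        if isinstance(node, ast.UnaryOp):
            return _UNARY_OPS[type(node.op)](ev(node.operand))
        if isinstance(node, ast.BinOp):
            left, right = ev(node.left), ev(node.right)
            if isinstance(node.op, ast.Pow) and abs(right) > MAX_POW:
                raise EquationError("exponent too large")
            return _BIN_OPS[type(node.op)](left, right)
        if isinstance(node, ast.Call):
            return _FUNCS[node.func.id](*(ev(a) for a in node.args))
        raise EquationError(f"unexpected node {type(node).__name__}")
    return ev(tree.body)


def safe_eval_equation(text: str, x: float) -> float:
    """Validate then evaluate; raises EquationError on anything non-arithmetic."""
    return evaluate(parse_equation(text), x)


def is_valid_equation(text: str, x: float = 1.0) -> bool:
    """True if `text` parses, validates and evaluates cleanly at the sample point."""
    try:
        safe_eval_equation(text, x)
        return True
    except (EquationError, ArithmeticError, ValueError):
        return False


if __name__ == "__main__":
    for sample in ("x**2 + 3*x - 1", "sin(pi/2) + sqrt(16)", "x.__class__", "print(x)"):
        print(f"{sample!r}: {'accepted' if is_valid_equation(sample) else 'rejected'}")
```

The design point is that validation happens on the syntax tree, not on the string: a regex that merely looks for suspicious substrings is easy to get wrong, whereas an allow-list of `ast` node types rejects attribute access, subscripts, lambdas, keyword arguments and any name outside the permitted set by construction. The exponent cap is there because an arithmetic-only expression can still be a denial-of-service vector.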

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.006 Python (Execution)
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Code injection vulnerability in a remotely accessible Python service (AV:N/PR:L) enables exploitation of public-facing application (T1190) and arbitrary Python code execution (T1059.006).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A vulnerability was detected in abhiphile fermat-mcp up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. This vulnerability affects the function eqn_chart of the file fmcp/mpl_mcp/core/eqn_chart.py. Performing a manipulation of the argument equations results in code injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This product is using a rolling release to provide continuous delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.

Deeper analysis

CVE-2026-2008 is a code injection vulnerability (CWE-74, CWE-94) in the abhiphile/fermat-mcp project, affecting the eqn_chart function in the file fmcp/mpl_mcp/core/eqn_chart.py. The flaw arises from manipulation of the 'equations' argument and impacts commits up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. Published on 2026-02-06, it carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

An attacker with low privileges can exploit this vulnerability remotely with low complexity and no user interaction. Successful exploitation enables code injection, resulting in limited impacts to confidentiality, integrity, and availability.

The project employs a rolling release model, providing no specific details on affected or updated versions. It was informed early via GitHub issue #9 but has not responded. An exploit is public, with further details available in the repository at https://github.com/abhiphile/fermat-mcp/, the issue tracker at https://github.com/abhiphile/fermat-mcp/issues/9 and https://github.com/abhiphile/fermat-mcp/issues/9#issue-3837794397, and VulDB at https://vuldb.com/?ctiid.344590 and https://vuldb.com/?id.344590. No patches or mitigations are documented.

Details

CWE(s): CWE-74, CWE-94

Affected Products: abhiphile fermat, versions ≤ 2025-10-08

AI Security Analysis

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: mcp

CVEs Like This One

CVE-2026-5631 (shared CWE-74, CWE-94)
CVE-2026-5584 (shared CWE-74, CWE-94)
CVE-2026-4998 (shared CWE-74, CWE-94)
CVE-2026-3409 (shared CWE-74, CWE-94)
CVE-2026-5970 (shared CWE-74, CWE-94)
CVE-2026-6110 (shared CWE-74, CWE-94)
CVE-2026-44336 (shared CWE-94)
CVE-2026-6603 (shared CWE-74, CWE-94)
CVE-2026-27966 (shared CWE-94)
CVE-2026-25153 (shared CWE-94)

References