Cyber Resilience

CVE-2026-2130

Medium

Published: 08 February 2026

Modified: 05 March 2026
KEV Added:
Patch:
CVSS Score v4: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0158 (72.4th percentile)
Risk Priority: 35 (floored blend · peak EPSS)

Summary

CVE-2026-2130 is a medium-severity Injection (CWE-74) vulnerability in BurtTheCoder Maigret MCP Server. Its CVSS v4 base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The CVE ranks in the top 27.6% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised as AI Agent Protocols and Integrations, in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-2130 is a command injection vulnerability (CWE-74, CWE-77) affecting BurtTheCoder's mcp-maigret software in versions up to 1.0.12. The flaw exists in an unknown part of the src/index.ts file within the search_username component, where manipulation of the Username argument enables the injection.

With a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L), the vulnerability can be exploited remotely by an attacker possessing low privileges, with low attack complexity and no requirement for user interaction. Successful exploitation allows command injection, resulting in limited impacts to confidentiality, integrity, and availability.

Mitigation is achieved by upgrading to version 1.0.13, which incorporates the patch commit b1ae073c4b3e789ab8de36dc6ca8111ae9399e7a. Relevant advisories and resources are available on GitHub, including the repository, the patch commit, issue #9, pull request #10, and the v1.0.13 release tag.

Vulnerability details

A vulnerability was determined in BurtTheCoder mcp-maigret up to 1.0.12. This affects an unknown part of the file src/index.ts of the component search_username. Executing a manipulation of the argument Username can lead to command injection. The attack may be launched remotely. Upgrading to version 1.0.13 is able to mitigate this issue. This patch is called b1ae073c4b3e789ab8de36dc6ca8111ae9399e7a. Upgrading the affected component is advised.

AI Security Analysis

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: mcp

Related Threats

MITRE ATT&CK Enterprise Techniques

T1210 Exploitation of Remote Services (Lateral Movement): Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

Command injection vulnerability enables remote exploitation of a service (T1210) to execute arbitrary commands via a scripting interpreter (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7812: shared CWE-74, CWE-77
CVE-2026-7211: shared CWE-74, CWE-77
CVE-2026-7215: shared CWE-74, CWE-77
CVE-2026-7316: shared CWE-74, CWE-77
CVE-2026-7157: shared CWE-74, CWE-77
CVE-2026-2178: shared CWE-74, CWE-77
CVE-2026-6980: shared CWE-74, CWE-77
CVE-2026-5184: shared CWE-74, CWE-77
CVE-2026-22688: shared CWE-77
CVE-2025-10963: shared CWE-74, CWE-77

Affected Assets

burtthecoder maigret mcp server, versions ≤ 1.0.12

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly prevents command injection by requiring validation and sanitization of the Username argument before processing in the search_username component.

Prevent: Ensures timely patching and upgrading of vulnerable software, such as applying the fix in mcp-maigret version 1.0.13 to remediate the command injection flaw.

Detect: Facilitates detection of command injection exploitation through monitoring for anomalous system calls or processes triggered by manipulated Username inputs.

References