Cyber Resilience

CVE-2026-31040

Critical · RCE

Published: 08 April 2026
Modified: 14 April 2026
KEV Added: not listed
Patch: available (v1.13.0)
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0056 (42.1st percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-31040 is a critical-severity Code Injection (CWE-94) vulnerability in statamcp's stata-mcp. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 42.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under AI Agent Protocols and Integrations, in the Protocol-Specific Risks risk domain.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-31040 is a critical vulnerability in the stata-mcp software prior to version 1.13.0, stemming from insufficient validation of user-supplied Stata do-file content that enables command execution. Published on 2026-04-08, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-94 (Code Injection).

Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. Successful exploitation grants high-impact confidentiality, integrity, and availability compromises, including arbitrary command execution on affected systems.

Mitigation is available via the stata-mcp GitHub repository, where version 1.13.0 incorporates the fix through commit 52413ce and pull request 21, as detailed in issue 20. Security practitioners should prioritize updating to v1.13.0 or later to address the vulnerability.

Vulnerability details

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution.

CWE(s)

CWE-94 (Code Injection)

AI Security Analysis

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: none mapped
Classification Reason: matched keywords: mcp

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

An unauthenticated remote code injection vulnerability in public-facing software (stata-mcp) allows exploitation of a public-facing application (T1190), leading to arbitrary command execution through a scripting interpreter (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-2287 (shared CWE-94)
CVE-2026-25807 (shared CWE-94)
CVE-2026-26045 (shared CWE-94)
CVE-2024-11600 (shared CWE-94)
CVE-2025-67979 (shared CWE-94)
CVE-2026-6543 (shared CWE-94)
CVE-2025-6000 (shared CWE-94)
CVE-2024-54756 (shared CWE-94)
CVE-2026-42898 (shared CWE-94)
CVE-2026-30741 (shared CWE-94)

Affected Assets

Vendor: statamcp
Product: stata-mcp
Versions: ≤ 1.13.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)

Directly requires validation of user-supplied inputs such as Stata do-file content to prevent code injection and arbitrary command execution.

SI-2 Flaw Remediation (prevent)

Mandates identification, reporting, and correction of flaws such as insufficient do-file validation by patching to v1.13.0 or later.

System monitoring (detect)

Monitors systems for attacks and indicators of potential attacks, including anomalous command execution resulting from do-file exploitation.

References