CVE-2026-7446
Published: 30 April 2026
Summary
CVE-2026-7446 is a high-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the OS command injection vulnerability by requiring timely identification, reporting, and application of patches such as the upgrade to mcp-server-semgrep version 1.0.1.
Requires validation of information inputs like the manipulable 'ID' argument to block OS command injection in affected functions such as analyze_results and scan_directory.
Enables detection of this specific CVE through vulnerability scanning of the mcp-server-semgrep component, facilitating timely remediation.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection in public-facing server component (MCP interface) enables remote unauthenticated exploitation of the application (T1190) and arbitrary command execution via Unix shell (T1059.004).
NVD Description
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command injection. The attack can be executed remotely. The…
more
exploit is now public and may be used. Upgrading to version 1.0.1 is able to mitigate this issue. The patch is identified as 141335da044e53c3f5b315e0386e01238405b771. It is advisable to upgrade the affected component.
Deeper analysisAI
CVE-2026-7446 is an OS command injection vulnerability in VetCoders mcp-server-semgrep version 1.0.0. The flaw resides in the MCP Interface component, specifically within the functions analyze_results, filter_results, export_results, compare_results, scan_directory, and create_rule in the file src/index.ts. It stems from manipulation of the 'ID' argument, enabling arbitrary OS command execution.
Attackers can exploit this vulnerability remotely without authentication or user interaction, given its CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and associated CWEs-77 and CWE-78. Unauthenticated remote actors face low complexity in execution, potentially achieving limited impacts on confidentiality, integrity, and availability. A public exploit is available for use.
Advisories recommend upgrading to version 1.0.1, which mitigates the issue through patch commit 141335da044e53c3f5b315e0386e01238405b771. Supporting GitHub resources include the mcp-server-semgrep repository, the patch commit, issue #12, pull request #15, and the v1.0.1 release page.
Details
- CWE(s)
AI Security AnalysisAI
- AI Category
- AI Agent Protocols and Integrations
- Risk Domain
- Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: mcp, mcp