Eryk Winiarz

**Name of the Vulnerable Software and Affected Versions** Aix-DB versions prior to 1.2.5 **Description** A missing authentication check on the "/llm/process llm out" endpoint allows unauthenticated clients to execute arbitrary "SELECT" SQL queries and retrieve database data. This occurs because the endpoint lacks the token validation enforced on all other application endpoints. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Code Runner MCP Server (affected versions not specified) **Description** A remote code execution issue exists when the server is run with the `--transport http` option. This configuration exposes the '/mcp' JSON-RPC endpoint on port 3088 without authentication. An unauthenticated remote attacker can invoke the `run-code` MCP tool to provide arbitrary source code, which is then executed via the `child process.exec()` function using the specified language interpreter. This allows the attacker to execute arbitrary code with the privileges of the user running the server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MCPHub versions prior to 0.11.0 **Description** An authentication bypass exists because some endpoints are not protected by authentication middleware. This allows an unauthenticated attacker to perform actions on behalf of other users using their privileges. **Recommendations** Update to version 0.11.0 or later.

**Name of the Vulnerable Software and Affected Versions** PlotAI (affected versions not specified) **Description** A vulnerability has been found that could result in Remote Code Execution (RCE). The issue is due to the lack of validation of LLM-generated output, which allows an attacker to execute arbitrary Python code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DocsGPT versions 0.8.1 through 0.12.0 **Description** A vulnerability has been found in DocsGPT that could result in Remote Code Execution (RCE). Due to improper parsing of JSON data using `eval()`, an unauthorized attacker could send arbitrary Python code to be executed via the "/api/remote" endpoint. **Recommendations** To resolve the issue, update to a version later than 0.12.0. As a temporary workaround, consider disabling the `eval()` function or restricting access to the "/api/remote" endpoint until a patch is available. Avoid using the `eval()` function to parse JSON data in the affected API endpoint until the issue is resolved.