PT-2026-51018 · Flipped Aurora · Gin-Vue-Admin

Pixelmax Qm · Published 2026-06-19 · Updated 2026-06-19 · CVE-2026-48787

CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: gin-vue-admin version 2.9.1
Description: An authenticated attacker with access to the code-generation feature and the MCP management interface can inject controlled Go source code via the 'POST /autoCode/addFunc' endpoint. By subsequently invoking the 'POST /autoCode/mcpStart' endpoint, the attacker can trigger a rebuild and restart of the standalone MCP service, leading to arbitrary operating system command execution with the privileges of the application process. This may result in remote code execution (RCE), modification of backend source code or runtime logic, deployment of persistent backdoors, and manipulation of application data and configuration. The risk is most significant in deployments that retain the source tree, allow writes to source files, and support local build or startup of standalone MCP components.
Recommendations: For version 2.9.1, enforce strict allowlist validation on path- and identifier-related fields, including humpPackageName, packageName, FuncName, and Router, so that only safe identifier formats are accepted (reject anything containing path separators, quotes, braces, whitespace or newlines, since any of these lets a value carry code or a path instead of a name). Until a fixed release is available, also restrict the code-generation and MCP management endpoints to trusted administrators and, where possible, run production instances without a writable source tree or a local build toolchain, since the impact depends on those conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
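As an added illustration of the recommended allowlist (example code written for this entry, not gin-vue-admin's own code), the Go program below validates the four fields named above using a hypothetical AddFuncRequest type, then renders a deliberately minimal stand-in template, RenderFunc, and parses the result with go/parser to show why the check matters: an unvalidated FuncName turns a request for one function into extra top-level declarations, including an init() that runs a shell command when the rebuilt service starts. The regular expressions, the request type, the template and the sample requests are assumptions chosen for this example, not the project's.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"regexp"
	"strings"
)

// AddFuncRequest carries the user-controlled fields the advisory names
// (humpPackageName, packageName, FuncName, Router). The struct is a
// hypothetical stand-in for the real request binding, not gin-vue-admin code.
type AddFuncRequest struct {
	HumpPackageName string
	PackageName     string
	FuncName        string
	Router          string
}

// Allowlist patterns (assumptions made for this example):
//   - identifiers: ASCII-only Go identifiers of at most 64 bytes that are not
//     keywords, so a value can never carry "/", "..", quotes, braces or newlines
//   - routers: plain URL path segments, optionally with a leading "/"
var (
	identPattern  = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]{0,63}$`)
	routerPattern = regexp.MustCompile(`^/?[A-Za-z0-9_-]+(?:/[A-Za-z0-9_-]+)*$`)
)

func validIdent(s string) bool {
	return identPattern.MatchString(s) && !token.IsKeyword(s)
}

// Validate rejects the request unless every field is in its allowlist and
// names every offending field so the handler can return one clear 4xx.
func Validate(r AddFuncRequest) error {
	var bad []string
	if !validIdent(r.HumpPackageName) {
		bad = append(bad, "humpPackageName")
	}
	if !validIdent(r.PackageName) {
		bad = append(bad, "packageName")
	}
	if !validIdent(r.FuncName) {
		bad = append(bad, "FuncName")
	}
	if !routerPattern.MatchString(r.Router) {
		bad = append(bad, "Router")
	}
	if len(bad) > 0 {
		return fmt.Errorf("rejected fields: %s", strings.Join(bad, ", "))
	}
	return nil
}

// RenderFunc is a minimal stand-in for a generator template that splices
// request fields straight into Go source. It has the shape of code the
// allowlist exists to protect; it is not the project's template.
func RenderFunc(r AddFuncRequest) string {
	return fmt.Sprintf("package %s\n\nfunc (s *Service) %s() error {\n\treturn nil\n}\n",
		r.PackageName, r.FuncName)
}

// CountFuncDecls parses generated source and returns the number of top-level
// function declarations. A request for one function that yields more is
// direct evidence that a field carried code rather than a name.
func CountFuncDecls(src string) (int, error) {
	f, err := parser.ParseFile(token.NewFileSet(), "gen.go", src, 0)
	if err != nil {
		return 0, err
	}
	n := 0
	for _, d := range f.Decls {
		if _, ok := d.(*ast.FuncDecl); ok {
			n++
		}
	}
	return n, nil
}

// Constructed sample requests: one benign, one carrying Go code in FuncName.
// The malicious value closes the generated function early, adds an init() that
// runs a shell command when the rebuilt binary starts, and opens a dummy
// function so the template's trailing body still parses.
var (
	Benign = AddFuncRequest{HumpPackageName: "demoUser", PackageName: "demo",
		FuncName: "ListUsers", Router: "/demo/users"}
	Malicious = AddFuncRequest{HumpPackageName: "demoUser", PackageName: "demo",
		FuncName: "Pwn() error { return nil }\n\nfunc init() { exec.Command(\"sh\", \"-c\", \"id\").Run() }\n\nfunc Dummy",
		Router: "/demo/users"}
)

func main() {
	for _, r := range []AddFuncRequest{Benign, Malicious} {
		n, err := CountFuncDecls(RenderFunc(r))
		fmt.Printf("validate=%v  generated top-level funcs=%d (parse err=%v)\n", Validate(r), n, err)
	}
}
```

Run as written, the benign request passes Validate and renders exactly one function; the malicious request is rejected by Validate, yet if it were rendered anyway the generated file parses cleanly and declares three functions, which is the point at which a later build-and-restart of the MCP service would execute the injected init().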

Weakness Enumeration

OS Command Injection

Related Identifiers

CVE-2026-48787

Affected Products

Gin-Vue-Admin