PT-2026-60981 · Liumengxuan04 · Minicode

·

CVE-2026-16133

·

Published

2026-07-18

·

Updated

2026-07-18

CVSS v3.1

5.0

Medium

VectorAV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
A flaw has been found in LiuMengxuan04 MiniCode 0.1.0. Affected by this vulnerability is the function child process.spawn of the file mcp.ts. Executing a manipulation can lead to command injection. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation appears to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

Exploit

Fix

Command Injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-16133

Affected Products

Minicode