CVE-2026-2008

Name of the Vulnerable Software and Affected Versions abhiphile fermat-mcp versions prior to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a

Description A code injection issue exists in the eqn chart function within the fmcp/mpl mcp/core/eqn chart.py file. Manipulation of the equations argument can lead to code injection. This attack can be initiated remotely. The exploit is publicly available. The product uses a rolling release model, and no specific version details for affected or updated releases are available.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.