CVE-2026-2130

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions BurtTheCoder mcp-maigret versions through 1.0.12

Description A flaw exists in the component search username within the file src/index.ts. Manipulating the Username argument can result in command injection, potentially allowing for remote attacks.

Recommendations Upgrade to version 1.0.13 to address this issue.

Fix

Command Injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77CWE-74

Related Identifiers

CVE-2026-2130

GHSA-2G7V-HGHF-GRG4

Affected Products

Mcp-Maigret

CVE-2026-2130

Weakness Enumeration

Related Identifiers

Affected Products

References · 14