| शीर्षक | GitHub fermat-mcp master Code Injection |
|---|
| विवरण | In the latest version of fermat-mcp, the eqn_chart tool has a code injection vulnerability. This allows users to execute arbitrary code.
The equations parameter of the eqn_chart tool provided by MCP uses the eval function for calculation. Although the second parameter of eval limits its scope, there are still various ways to bypass it and execute arbitrary code. |
|---|
| स्रोत | ⚠️ https://github.com/abhiphile/fermat-mcp/issues/9 |
|---|
| उपयोगकर्ता | Lexpl0it (UID 89340) |
|---|
| सबमिशन | 21/01/2026 12:26 PM (5 महीनों पहले) |
|---|
| संयम | 05/02/2026 08:19 PM (15 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 344590 [abhiphile fermat-mcp तक 47f11def1cd37e45dd060f30cdce346cbdbd6f0a eqn_chart.py eqn_chart equations अधिकार वृद्धि] |
|---|
| अंक | 19 |
|---|