CVE-2026-7157: Aider-MCP-Server Command Injection Vulnerability
The National Vulnerability Database (NVD) has disclosed CVE-2026-7157, a high-severity command injection vulnerability in disler aider-mcp-server up to commit b2516fa466d0d851932da92ee6d0e66946db9efc. This flaw, rated CVSS 7.3 (HIGH), resides within the src/aider_mcp_server/server.py component, specifically through manipulation of the relative_editable_files argument.
This vulnerability allows for remote exploitation, meaning attackers can inject and execute arbitrary commands without needing local access or extensive prior interaction. The NVD notes that an exploit for this vulnerability has already been published, significantly increasing the immediate risk to any exposed instances. The project maintains a rolling release model, so specific affected versions are not detailed.
Critically, the project was informed of the issue via an early report but has not yet responded or released a fix. This leaves organizations using aider-mcp-server in a precarious position, facing a known, exploitable, and unpatched vulnerability. Defenders must prioritize identifying and mitigating any instances of this software immediately.
What This Means For You
- If your organization utilizes `disler aider-mcp-server`, you are directly exposed to CVE-2026-7157. An exploit is public, and the vendor has not responded to the vulnerability report. Assume compromise is a real possibility. Your immediate priority is to identify all instances of `aider-mcp-server` within your environment and either take them offline or implement strict network segmentation and access controls to prevent remote exploitation. Monitor for any suspicious activity originating from or targeting these servers.
Related ATT&CK Techniques
🛡️ Detection Rules
2 rules · 6 SIEM formats2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-7157: Aider-MCP-Server Command Injection via relative_editable_files
title: CVE-2026-7157: Aider-MCP-Server Command Injection via relative_editable_files
id: scw-2026-04-27-ai-1
status: experimental
level: critical
description: |
Detects attempts to exploit CVE-2026-7157 by targeting the 'relative_editable_files' parameter in the aider-mcp-server, which can lead to command injection. This rule looks for specific URI paths and query parameters associated with the vulnerable functionality.
author: SCW Feed Engine (AI-generated)
date: 2026-04-27
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-7157/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/aider_ai_code/server.py'
cs-uri-query|contains:
- 'relative_editable_files='
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7157 | Command Injection | disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc |
| CVE-2026-7157 | Command Injection | src/aider_mcp_server/server.py |
| CVE-2026-7157 | Command Injection | argument relative_editable_files |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 28, 2026 at 00:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7178: ChatGPTNextWeb NextChat SSRF Vulnerability
CVE-2026-7178 — A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component...
ChatGPTNextWeb NextChat SSRF Vulnerability (CVE-2026-7177) Exposed
CVE-2026-7177 — A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file...
Tenda HG3 Router Command Injection (CVE-2026-7160) Exposes Networks
CVE-2026-7160 — A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the...