PolarVista xcode-mcp-server Suffers High-Severity OS Command Injection

The National Vulnerability Database has disclosed CVE-2026-7416, a high-severity OS command injection vulnerability in PolarVista xcode-mcp-server version 1.0.0. The flaw, with a CVSS score of 7.3, resides in the build_project/run_tests function in src/index.ts, part of the MCP Interface component. It can be exploited remotely by manipulating the Request argument.

This isn’t theoretical; an exploit for CVE-2026-7416 is publicly available. The project maintainers were reportedly notified early via an issue report but have not yet responded, leaving users exposed. The ability to inject OS commands remotely is a critical vector, allowing attackers to execute arbitrary code with the privileges of the affected server process.

For defenders, this means potential full system compromise. An attacker gaining remote command execution can establish persistence, exfiltrate data, or pivot further into the network. The public availability of an exploit significantly lowers the bar for adversaries, making exploitation highly probable for unpatched systems.

What This Means For You

  • If your organization uses PolarVista xcode-mcp-server 1.0.0, you are directly exposed to remote OS command injection. Given the public exploit and the lack of vendor response, assume this vulnerability is actively being scanned for and exploited. Isolate these systems immediately and assess alternative solutions. A patch is critical, but until one is available, strict network segmentation and monitoring for anomalous activity originating from these servers are paramount.
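As an added illustration (not code from xcode-mcp-server; the handler shape, the xcodebuild command and the scheme field are assumptions), the same build_project-style handler written with shell string interpolation and with argument-array execution plus an allowlist:

```typescript
// Added illustration, not the xcode-mcp-server source. The command shape
// (xcodebuild -scheme <name> build) and the 'scheme' field are assumed.
import { execFile } from "node:child_process";
import { promisify } from "node:util";

const execFileAsync = promisify(execFile);

interface BuildRequest {
  scheme: string; // assumed field of the tool's Request argument
}

// Unsafe pattern: the request value is spliced into a shell command line, so
// shell metacharacters in it become part of the command. The string is only
// built here, never executed, so the example can show the problem safely.
function unsafeCommandLine(req: BuildRequest): string {
  return `xcodebuild -scheme ${req.scheme} build`;
}

// Allowlist for values handed to the build tool: letters, digits, '.', '-', '_'.
// Spaces and every shell metacharacter (; | & ` $ ( ) quotes) are rejected.
const SAFE_TOKEN = /^[A-Za-z0-9._-]{1,128}$/;

function validateToken(value: string, field: string): string {
  if (!SAFE_TOKEN.test(value)) {
    throw new Error(`invalid ${field}: characters outside the allowlist`);
  }
  return value;
}

// Hardened pattern: validate, then build an argv array. execFile starts the
// program directly with no shell, so the value is exactly one argument.
function safeArgv(req: BuildRequest): string[] {
  return ["-scheme", validateToken(req.scheme, "scheme"), "build"];
}

async function buildProjectSafely(req: BuildRequest): Promise<string> {
  const argv = safeArgv(req); // throws before anything is spawned
  const { stdout } = await execFileAsync("xcodebuild", argv, { timeout: 600000 });
  return stdout;
}
```

The allowlist is deliberately strict; loosen it only for the exact characters a real project name or scheme needs, never to admit shell metacharacters.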

Related ATT&CK Techniques

  • T1190 Exploit Public-Facing Application (Initial Access)

Detection Rules

2 detection rules were auto-generated for this incident and mapped to MITRE ATT&CK; only the Sigma YAML of the first is shown here.

Rule: CVE-2026-7416 - PolarVista xcode-mcp-server OS Command Injection via build_project/run_tests (level: critical; ATT&CK: T1190 Initial Access)

Sigma YAML:
title: CVE-2026-7416 - PolarVista xcode-mcp-server OS Command Injection via build_project/run_tests
id: scw-2026-04-29-ai-1
status: experimental
level: critical
description: |
  Detects attempts to exploit CVE-2026-7416 in PolarVista xcode-mcp-server. This rule specifically looks for requests to the '/build_project' or '/run_tests' endpoints with a 'Request=' parameter containing characters commonly used for OS command injection (&&, ;, |, `, $()). This indicates an attempt to inject arbitrary commands into the server.
author: SCW Feed Engine (AI-generated)
date: 2026-04-29
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7416/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-uri|contains:
      - '/build_project'
      - '/run_tests'
    cs-uri-query|contains:
      - 'Request='
  selection_command_injection:
    cs-uri-query|contains:
      - '&&'
      - ';'
      - '|'
      - '`'
      - '$()'
  # the condition belongs at the detection level only; a 'condition' key inside
  # a selection would be read as a field name and silently break the rule
  condition: selection and selection_command_injection
falsepositives:
  - Legitimate administrative activity
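Added example, not from the page or the SCW feed: the rule's two selections evaluated over constructed W3C-style web log records, using the cs-uri and cs-uri-query field names from the rule. With decode=true it goes one step beyond the rule as written by also matching percent-encoded metacharacters.

```typescript
// Added example, not from the page: the Sigma rule's selections over
// constructed web log records (field names cs-uri / cs-uri-query as in the rule).
interface WebRecord {
  "cs-uri": string;
  "cs-uri-query": string;
}

const URI_TERMS = ["/build_project", "/run_tests"];
const QUERY_TERMS = ["Request="];
const INJECTION_TERMS = ["&&", ";", "|", "`", "$()"];

function containsAny(value: string, terms: string[]): boolean {
  return terms.some((t) => value.includes(t));
}

// decode=true goes beyond the rule as written: the query is also checked after
// percent-decoding, because clients commonly send ';' as %3B and '|' as %7C,
// which the rule's literal 'contains' terms would never see.
function matchesCve20267416(rec: WebRecord, decode = true): boolean {
  const query = rec["cs-uri-query"];
  const views = [query];
  if (decode) {
    try { views.push(decodeURIComponent(query)); } catch { /* bad escape: raw only */ }
  }
  const selection = containsAny(rec["cs-uri"], URI_TERMS) && containsAny(query, QUERY_TERMS);
  const injection = views.some((q) => containsAny(q, INJECTION_TERMS));
  return selection && injection;
}

// Parses one constructed line: date time cs-method cs-uri cs-uri-query sc-status
function parseLine(line: string): WebRecord {
  const f = line.trim().split(/\s+/);
  const query = f[4] ?? "-";
  return { "cs-uri": f[3] ?? "", "cs-uri-query": query === "-" ? "" : query };
}

// Constructed sample log: one raw injection, one percent-encoded, two benign.
const SAMPLE_LOG = [
  "2026-04-30 01:20:11 POST /build_project Request=proj;id 200",
  "2026-04-30 01:20:12 POST /build_project Request=proj%3Bid 200",
  "2026-04-30 01:20:13 POST /run_tests Request=MyApp 200",
  "2026-04-30 01:20:14 GET /index.html - 200",
].join("\n");

function alertingLines(log: string, decode = true): string[] {
  return log.split("\n").filter((l) => l.trim() !== "" && matchesCve20267416(parseLine(l), decode));
}
```

Run against the sample, the literal rule fires on the raw line only; the decoded variant also catches the %3B line, which is the case to keep in mind when porting the rule to a SIEM that stores query strings as sent.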

Source: Shimi's Cyber World


Indicators of Compromise

ID            | Type              | Indicator
CVE-2026-7416 | Command Injection | PolarVista xcode-mcp-server 1.0.0
CVE-2026-7416 | Command Injection | src/index.ts::build_project/run_tests (MCP Interface)
CVE-2026-7416 | Command Injection | Manipulation of argument 'Request' leads to OS command injection

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: April 30, 2026 at 01:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

