CVE-2026-7812: Remote Command Injection in 54yyyu code-mcp MCP Tool
The National Vulnerability Database has disclosed CVE-2026-7812, a high-severity remote command injection vulnerability in 54yyyu code-mcp up to commit 4cfc4643541a110c906d93635b391bf7e357f4a8. The flaw resides in the git_operation function within the src/code_mcp/server.py file, specifically in the MCP Tool component. Attackers can trigger this vulnerability by manipulating the operation argument, leading to arbitrary command execution.
This vulnerability carries a CVSS score of 7.3 (HIGH) and is remotely exploitable with no authentication required. The exploit code is public, meaning this isn’t theoretical – it’s actively weaponizable. A major concern is that 54yyyu code-mcp uses continuous delivery, making it impossible to pinpoint specific affected or patched versions. The project was notified but has yet to respond, leaving users exposed.
This is a classic command injection scenario (CWE-74, CWE-77) that grants attackers significant control over the compromised system. Defenders need to recognize that public exploits for high-severity, unauthenticated remote vulnerabilities are prime targets for opportunistic attackers. The lack of versioning and developer responsiveness elevates the risk considerably.
What This Means For You
- If your organization uses 54yyyu code-mcp, you need to assess your exposure to CVE-2026-7812 immediately. Since no patch information is available, your immediate priority should be to identify any instances of this software in your environment and isolate or remove them. Assume compromise if you cannot confirm its absence or mitigation. This is a critical remote execution vector, and the public exploit means attackers are already looking for targets.
🛡️ Detection Rules
Web Application Exploitation Attempt — CVE-2026-7812
```yaml
title: Web Application Exploitation Attempt — CVE-2026-7812
id: scw-2026-05-05-1
status: experimental
level: high
description: |
  Detects common exploitation patterns targeting web applications. Review CVE-2026-7812 advisories for specific indicators.
author: SCW Feed Engine (auto-generated)
date: 2026-05-05
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7812/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  # Generic web-attack substrings matched in the query string; none is specific
  # to the `operation` argument of git_operation.
  selection:
    cs-uri-query|contains:
      - '..'
      - 'SELECT'
      - 'UNION'
      - '<script'
      - 'cmd='
      - '/etc/passwd'
  condition: selection
falsepositives:
  - Legitimate activity from CVE-2026-7812
```
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-7812 | Command Injection | 54yyyu code-mcp up to commit 4cfc4643541a110c906d93635b391bf7e357f4a8 |
| CVE-2026-7812 | Command Injection | Vulnerable function: git_operation in src/code_mcp/server.py |
| CVE-2026-7812 | Command Injection | Vulnerable component: MCP Tool |
| CVE-2026-7812 | Command Injection | Manipulation of argument 'operation' |
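
The indicators above point at MCP tool calls to git_operation and its operation argument. As an added example (not code from code-mcp or from the advisory), this Python script flags MCP `tools/call` messages whose `operation` value falls outside a character allowlist. It assumes the tool is exposed under the function's name and that traffic is captured as one JSON-RPC message per line; the allowlist, the sample lines and the `read_file` tool name are constructed for illustration.

```python
import json
import re

# Assumptions, not taken from the advisory: the tool is exposed under the
# function's name, and captured MCP traffic is one JSON-RPC message per line.
TOOL_NAME = "git_operation"
# Characters a git subcommand with ordinary arguments needs; anything else
# (shell metacharacters, quotes, newlines) flags the call. Tune to your usage.
SAFE_OPERATION = re.compile(r"[A-Za-z0-9 ._/=:@,+-]+")


def is_suspicious(operation) -> bool:
    """True when `operation` is not a plain string of allowlisted characters."""
    return not (isinstance(operation, str) and SAFE_OPERATION.fullmatch(operation))


def scan(lines):
    """Return (line_number, operation) for each suspicious git_operation call."""
    hits = []
    for number, line in enumerate(lines, start=1):
        try:
            message = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a JSON-RPC message, e.g. a server log line
        if not isinstance(message, dict) or message.get("method") != "tools/call":
            continue
        params = message.get("params")
        if not isinstance(params, dict) or params.get("name") != TOOL_NAME:
            continue
        arguments = params.get("arguments")
        operation = arguments.get("operation") if isinstance(arguments, dict) else None
        if is_suspicious(operation):
            hits.append((number, operation))
    return hits


# Constructed sample capture (not real traffic); read_file is a made-up tool name.
SAMPLE = [
    '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"git_operation","arguments":{"operation":"status"}}}',
    '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"git_operation","arguments":{"operation":"log --oneline -n 5"}}}',
    '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"git_operation","arguments":{"operation":"status; id"}}}',
    '{"jsonrpc":"2.0","id":4,"method":"tools/call","params":{"name":"read_file","arguments":{"path":"a; b"}}}',
    'INFO server started',
    '{"jsonrpc":"2.0","id":5,"method":"tools/call","params":{"name":"git_operation","arguments":{"operation":["status"]}}}',
]

if __name__ == "__main__":
    for number, operation in scan(SAMPLE):
        print(f"line {number}: suspicious operation {operation!r}")
```

A hit is a lead to review alongside the host's process and shell activity, not proof of compromise; a missing or non-string `operation` is flagged as well.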
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 05, 2026 at 08:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.