
AIKIDO-2026-10472

mcp is vulnerable to Command Injection

Command Injection Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.

Score: 55 (Medium Risk)

This Affects:

Ecosystem: Python
Package: mcp
Affected versions: 1.23.0 - 1.26.0
Fixed in: 1.27.0

TL;DR

Affected versions of this package ship example code that opens a URL by handing a command string to the system shell. The command is built by interpolating a user-influenced URL into that string, with no sanitization of the URL and no separation between the command and its argument, so a URL containing shell metacharacters (such as ; or && or |) changes the command the shell runs. An attacker who controls the URL value can therefore execute arbitrary commands on the host wherever the example code is reused or adapted in a real application.

Who does this affect?

You are affected if you run, copied or adapted the example code shipped with mcp 1.23.0 - 1.26.0 and the URL it opens can be influenced by an untrusted party. Merely installing the package does not reach the vulnerable code path: the flaw is in the examples, not in the library modules an application imports.

Background info

mcp is vulnerable to Command Injection in versions 1.23.0 - 1.26.0.

How to fix this

Upgrade to mcp 1.27.0 or later, which fixes the example. If you copied or adapted the example into your own code, the upgrade does not change that copy: look for places that hand a string containing the URL to the system shell (for example os.system, or subprocess with shell=True), replace them with an opener that receives the URL as a single argument (an argument list passed to subprocess, or the standard webbrowser module), and validate the URL scheme before opening it.
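The pattern described in the TL;DR above and the replacement recommended under How to fix this, as an added example: this is not the mcp project's code, and since the advisory does not show the affected example, the vulnerable function below reconstructs the pattern it describes (a URL interpolated into a shell command string). The opener name xdg-open, the function names, the shlex-based tokeniser used to show what a shell would run, and the sample URLs are this example's own assumptions.

```python
import re
import shlex
import subprocess
from urllib.parse import urlsplit

# Assumed opener binary for this example; the advisory does not name the
# command the mcp example code used.
OPENER = "xdg-open"

# Shell list/pipeline operators that shlex emits as their own tokens when
# punctuation_chars=True. Enough to show how ';', '&&' and '|' split a
# command line; this is a demonstration aid, not a full shell grammar
# (it does not model $(...) or backtick substitution, for instance).
SEPARATORS = {";", ";;", "&&", "||", "|", "|&", "&"}


def vulnerable_command(url: str) -> str:
    """The pattern the advisory describes: the URL is spliced into a shell
    command string that would then be handed to os.system() or
    subprocess.run(..., shell=True). Everything in `url` is parsed by
    /bin/sh, so shell metacharacters in it change what runs."""
    return f"{OPENER} {url}"


def shell_words(command: str) -> list[str]:
    """Tokenise a command line roughly as a POSIX shell would, keeping
    operators such as ';' and '&&' as separate tokens, so the effect of an
    injection can be inspected without executing anything."""
    lex = shlex.shlex(command, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    lex.commenters = ""  # a shell treats '#' inside a word (URL fragment) literally
    return list(lex)


def commands_in(command: str) -> list[str]:
    """Split a command line into the simple commands a shell would run."""
    cmds: list[str] = []
    current: list[str] = []
    for word in shell_words(command):
        if word in SEPARATORS:
            if current:
                cmds.append(" ".join(current))
            current = []
        else:
            current.append(word)
    if current:
        cmds.append(" ".join(current))
    return cmds


# Hostname characters accepted by the hardened opener (IPv6 literals are
# out of scope for this example).
_HOST_RE = re.compile(r"[a-z0-9-]+(\.[a-z0-9-]+)*")


def hardened_argv(url: str) -> list[str]:
    """Validate the URL and return an argv list for subprocess. With no
    shell involved the URL reaches the opener as exactly one argument,
    whatever characters it contains. The scheme and host checks are
    defence in depth: they keep file:, javascript: and similar schemes
    away from the opener and reject hosts carrying shell syntax."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"refusing non-http(s) URL: {url!r}")
    host = parts.hostname  # urlsplit lowercases it
    if not host or not _HOST_RE.fullmatch(host):
        raise ValueError(f"URL has no acceptable host: {url!r}")
    return [OPENER, url]


def is_openable(url: str) -> bool:
    """True if hardened_argv() would accept the URL."""
    try:
        hardened_argv(url)
    except ValueError:
        return False
    return True


def open_url(url: str, run: bool = False) -> list[str]:
    """Hardened replacement for the shell-string pattern. run=False (the
    default) only builds argv so the example stays side-effect free."""
    argv = hardened_argv(url)
    if run:
        subprocess.run(argv, check=False)  # list argv, shell=False
    return argv


if __name__ == "__main__":
    crafted = "https://example.com;id"
    print("shell would run:", commands_in(vulnerable_command(crafted)))
    print("hardened accepts crafted URL:", is_openable(crafted))
    print("hardened argv:", open_url("https://example.com/cb?code=a;id"))
```

Wrapping the URL in quotes inside the format string is not a fix either: a double quote in the URL closes the quoted region and the rest is again parsed by the shell. Only keeping the shell out of the path (an argument list, or webbrowser.open, which does not go through a shell) makes the URL a single opaque argument.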