CVE-2026-16133
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
5.0 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Description
A flaw has been found in LiuMengxuan04 MiniCode 0.1.0. Affected by this vulnerability is the function child_process.spawn of the file mcp.ts. Executing a manipulation can lead to command injection. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation appears to be difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-74
Source
NVD
Vendor
LiuMengxuan04
Product
MiniCode
External References
- https://gist.github.com/menelausx/b42381d2788a334cba8cda43f52e2a28
- https://github.com/LiuMengxuan04/MiniCode/
- https://github.com/LiuMengxuan04/MiniCode/issues/35
- https://github.com/LiuMengxuan04/MiniCode/pull/37
- https://vuldb.com/cve/CVE-2026-16133
- https://vuldb.com/submit/856976
- https://vuldb.com/vuln/379853
- https://vuldb.com/vuln/379853/cti
Discussion (0)
Add Comment
No comments yet. Be the first!