CVE-2026-22785

CRITICAL

orval < 7.18.0 - Remote Code Execution via OpenAPI Summary Field Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-22785. PoCs published by langbyyi.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2026-22785, a code injection vulnerability in orval < 7.18.0. The exploit leverages unescaped OpenAPI `summary` fields to inject malicious code into generated MCP server files, achieving remote command execution.

Description

orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allows an attacker to "break out" of the string literal and inject arbitrary code. This vulnerability is fixed in 7.18.0.

Exploits (1)

nomisec WORKING POC
by langbyyi · poc
https://github.com/langbyyi/CVE-2026-22785

This repository contains a functional proof-of-concept exploit for CVE-2026-22785, a code injection vulnerability in orval < 7.18.0. The exploit leverages unescaped OpenAPI `summary` fields to inject malicious code into generated MCP server files, achieving remote command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: orval < 7.18.0
No auth needed
Prerequisites: Node.js environment with orval installed · Ability to provide malicious OpenAPI specification
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0003
EPSS Percentile 8.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-77
Status published
Products (2)
orval/mcp 0 - 7.18.0npm
orval/orval < 7.18.0
Published Jan 12, 2026
Tracked Since Feb 18, 2026