CVE-2026-5007

MEDIUM

kazuph mcp-docs-rag add_git_repository/add_text_file index.ts cloneRepository os command injection

Title source: cna

Description

A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation leads to os command injection. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

References (6)

[Vdb Entry, Technical Description] https://vuldb.com/vuln/353892

[Signature, Permissions Required] https://vuldb.com/vuln/353892/cti

[Third Party Advisory] https://vuldb.com/submit/779152

[Issue Tracking] https://github.com/kazuph/mcp-docs-rag/issues/7

[Exploit] https://github.com/user-attachments/files/25822451/mcp-docs-rag_bug.pdf

[Product] https://github.com/kazuph/mcp-docs-rag/

Scores

CVSS v3 5.3

EPSS 0.0030

EPSS Percentile 53.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-77 CWE-78

Status published

Products (5)

kazuph/mcp-docs-rag 0.1

kazuph/mcp-docs-rag 0.2

kazuph/mcp-docs-rag 0.3

kazuph/mcp-docs-rag 0.4

kazuph/mcp-docs-rag 0.5.0

Published Mar 28, 2026

Tracked Since Mar 29, 2026