CVE-2026-6494
MEDIUMAap-mcp-server: aap mcp server: log injection allows social engineering attacks via unsanitized input
Title source: cnaDescription
A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted input to the `toolsetroute` parameter. This parameter is not properly sanitized before being written to logs, allowing the attacker to inject control characters such as newlines and ANSI escape sequences. This enables the attacker to obscure legitimate log entries and insert forged ones, which could facilitate social engineering attacks, potentially leading to an operator executing dangerous commands or visiting malicious URLs.
References (2)
Core 2
Core References
Vdb Entry, X_Refsource_Redhat vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-6494
Issue Tracking, X_Refsource_Redhat issue-tracking
x_refsource_redhat
RHBZ#2459131
https://bugzilla.redhat.com/show_bug.cgi?id=2459131
Scores
CVSS v3
5.3
EPSS
0.0031
EPSS Percentile
22.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-117
Status
published
Products (1)
Red Hat/Red Hat Ansible Automation Platform 2
Published
Apr 17, 2026
Tracked Since
Apr 17, 2026