{"count":21,"cves":[{"id":"MCP-2026-001","repo":"serena","stars":21924,"type":"RCE","severity":"CRITICAL","cvss":9.8,"description":"Remote code execution via unsanitized shell command construction"},{"id":"MCP-2026-002","repo":"hexstrike-ai","stars":7570,"type":"RCE","severity":"CRITICAL","cvss":9.8,"description":"shell=True with user-controlled input in subprocess call"},{"id":"MCP-2026-003","repo":"ida-pro-mcp","stars":6523,"type":"ACE","severity":"CRITICAL","cvss":9.8,"description":"Arbitrary code execution via exec/eval on user input"},{"id":"MCP-2026-004","repo":"Windows-MCP","stars":4793,"type":"CMD_INJ","severity":"CRITICAL","cvss":9.1,"description":"PowerShell injection + path traversal"},{"id":"MCP-2026-005","repo":"DesktopCommanderMCP","stars":5736,"type":"ACE","severity":"CRITICAL","cvss":9.8,"description":"Arbitrary code execution through desktop command interface"},{"id":"MCP-2026-006","repo":"notion-mcp (official)","stars":4080,"type":"RCE","severity":"CRITICAL","cvss":9.1,"description":"Remote code execution in official Notion MCP server"},{"id":"MCP-2026-007","repo":"FuzzingLabs/mcp-security-hub","stars":482,"type":"ACE","severity":"CRITICAL","cvss":10,"description":"boofuzz ACE + ffuf path traversal + trivy arg injection (8 servers)"},{"id":"MCP-2026-010","repo":"dbhub","stars":2300,"type":"SQLI","severity":"HIGH","cvss":8.6,"description":"SQL injection via unsanitized query parameters"},{"id":"MCP-2026-011","repo":"mysql_mcp_server","stars":1152,"type":"SQLI","severity":"HIGH","cvss":8.6,"description":"SQL injection in MySQL MCP server"},{"id":"MCP-2026-012","repo":"applescript-mcp","stars":436,"type":"CMD_INJ","severity":"HIGH","cvss":8.8,"description":"AppleScript command injection"},{"id":"MCP-2026-013","repo":"docker-mcp","stars":455,"type":"CMD_INJ","severity":"HIGH","cvss":8.8,"description":"Docker command injection via unsanitized args"},{"id":"MCP-2026-014","repo":"android-mcp-server","stars":705,"type":"CMD_INJ","severity":"HIGH","cvss":8.1,"description":"ADB shell command injection"},{"id":"MCP-2026-015","repo":"neo4j-contrib/mcp-neo4j","stars":920,"type":"INJECT","severity":"HIGH","cvss":8.1,"description":"Cypher query injection"},{"id":"MCP-2026-016","repo":"awslabs/mcp","stars":8633,"type":"SSRF","severity":"HIGH","cvss":7.5,"description":"9 SSRF vectors via git clone operations"},{"id":"MCP-2026-017","repo":"pal-mcp-server","stars":11352,"type":"PATH_TRAV","severity":"HIGH","cvss":7.5,"description":"5 path traversal vectors"},{"id":"MCP-2026-018","repo":"CodeGraphContext","stars":2714,"type":"INJECT","severity":"HIGH","cvss":8.1,"description":"3 Cypher injection vectors"},{"id":"MCP-2026-019","repo":"Gmail-MCP-Server","stars":1082,"type":"MIXED","severity":"HIGH","cvss":7.5,"description":"4 HIGH-severity findings (mixed types)"},{"id":"MCP-2026-030","repo":"CrowdSentinels-AI-MCP","stars":202,"type":"PATH_TRAV","severity":"MEDIUM","cvss":6.5,"description":"Path traversal in chainsaw_client — evtx_path/sigma_path unsanitized"},{"id":"C4-K2-001","repo":"code-423n4/2026-04-k2","stars":0,"type":"TOCTOU","severity":"MEDIUM","cvss":6.8,"description":"600-second price-manipulation window in 2-step flash liquidation"},{"id":"C4-K2-002","repo":"code-423n4/2026-04-k2","stars":0,"type":"DOS","severity":"MEDIUM","cvss":7.5,"description":"Oracle circuit breaker blocks liquidations during depeg"},{"id":"C4-K2-003","repo":"code-423n4/2026-04-k2","stars":0,"type":"LOGIC","severity":"MEDIUM","cvss":5.3,"description":"Flash loan premium coupled to liquidation fee"}]}