Platform
nodejs
Component
mcp-vegalite-server
Fixed in
No fixed release identified (rolling release; affected through commit 16aefed598b8cd897b78e99b907f6e2984572c61)
CVE-2026-1977 describes a code injection vulnerability in the isaacwasserman mcp-vegalite-server component. The visualize_data tool passes its vegalite_specification argument to eval, so whoever controls that argument can execute arbitrary code in the server process. In an MCP deployment the argument is supplied by the connected client, normally an LLM, so anything that can steer the model's tool calls, including prompt injection through the data being visualized, can reach the eval. The vulnerability affects the project up to and including commit 16aefed598b8cd897b78e99b907f6e2984572c61. Because the project uses a rolling release model, no specific fixed version is identified.
Successful exploitation of CVE-2026-1977 gives the attacker arbitrary code execution on the host running mcp-vegalite-server, with the privileges of the server process. That can mean complete compromise of the host, including data exfiltration, denial of service, and use of the host as a foothold for further activity. Because the injected code runs with whatever credentials, file access and network reach the server process has, the blast radius extends to any services or data the process can reach; how far depends on the server's configuration and permissions.
CVE-2026-1977 has been publicly disclosed and a proof-of-concept exploit is available, which raises the likelihood of exploitation. The vulnerability was published on 2026-02-06. It is not currently listed on CISA KEV; its EPSS score at the time of writing is 0.06% (17th percentile), as shown below. No active campaigns targeting this vulnerability are known, but the public PoC makes opportunistic exploitation plausible.
Exploit Status: public proof of concept available; not listed on CISA KEV
EPSS: 0.06% (17th percentile)
CISA SSVC: (not provided)
CVSS Vector: (not provided)
Because mcp-vegalite-server uses a rolling release model, no specific patched version is identified; monitor the project's release channels for a commit that removes the eval. The durable fix is to stop evaluating the argument at all: a Vega-Lite specification is JSON, so it should be parsed with a JSON parser and validated as data, which leaves nothing for an attacker to execute. Input validation applied in front of an eval call is a weak stopgap, because any string that still reaches eval can be a Python expression that merely looks like a spec. A Web Application Firewall only helps if the server is exposed over an HTTP transport; for the usual stdio deployment it sees no traffic. Regardless of the mitigation chosen, run the mcp-vegalite-server process with the least privilege it needs and review the server's configuration to limit what a compromised process can reach. After applying any mitigation, verify it by sending a benign test payload that would execute if eval were still in the path (for example an expression that returns the process ID) and confirming it is rejected rather than evaluated.
No patched release is published. Update to the latest commit of mcp-vegalite-server once the maintainer has replaced the eval call, and confirm by inspecting the installed source that the vegalite_specification argument is parsed rather than evaluated; otherwise contact the project maintainer for a fix.
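The following is an added example, not code from the mcp-vegalite-server project or from this advisory. It is written in Python, which is assumed here to be the language of the upstream server, and it shows the vulnerable pattern described above beside a hardened handler: the vulnerable version hands the vegalite_specification string to eval, the hardened version parses it as JSON and checks its shape. The handler names, the REQUIRED_KEYS set and the sample payloads are constructed for illustration; the payloads only call os.getpid() so that code execution is observable without doing anything harmful.

```python
import json
import os

# Constructed stand-in for the MCP tool handler; the real server's data
# store, rendering and MCP plumbing are not reproduced.  Function and
# constant names here are illustrative, not the project's.


def visualize_data_vulnerable(arguments: dict):
    """The pattern CVE-2026-1977 describes: the caller-supplied spec string
    is handed to eval(), so any Python expression in it executes."""
    return eval(arguments["vegalite_specification"])


# Minimal shape check; a full Vega-Lite schema validation would go here.
REQUIRED_KEYS = {"mark", "encoding"}


def parse_vegalite_spec(raw: str) -> dict:
    """Hardened replacement: the spec is data, so parse it as JSON and never
    evaluate it.  JSON cannot express calls, names or imports, so there is
    nothing for an attacker to execute regardless of what the string holds."""
    try:
        spec = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"vegalite_specification is not valid JSON: {exc.msg}") from None
    if not isinstance(spec, dict):
        raise ValueError("vegalite_specification must be a JSON object")
    missing = REQUIRED_KEYS - spec.keys()
    if missing:
        raise ValueError(f"spec is missing required keys: {sorted(missing)}")
    return spec


def visualize_data_fixed(arguments: dict) -> dict:
    return parse_vegalite_spec(arguments["vegalite_specification"])


def spec_is_accepted(raw: str) -> bool:
    """True if the hardened parser accepts the string, False if it rejects it."""
    try:
        parse_vegalite_spec(raw)
        return True
    except ValueError:
        return False


# Constructed inputs.  A legitimate spec, which eval() also happens to accept
# (this is why eval looked convenient), and two payloads that are Python
# expressions rather than JSON.
BENIGN_SPEC = json.dumps({
    "mark": "bar",
    "encoding": {"x": {"field": "a", "type": "nominal"},
                 "y": {"field": "b", "type": "quantitative"}},
})
PAYLOAD_PLAIN = "__import__('os').getpid()"
# Looks like a spec, so a "starts with {" or "contains mark" check passes,
# but eval() still runs the embedded call.
PAYLOAD_DICT = "{'mark': 'bar', 'encoding': {}, 'pid': __import__('os').getpid()}"


def run_demo() -> dict:
    """Exercise both handlers; returns plain values so the outcome can be checked."""
    my_pid = os.getpid()
    return {
        "vulnerable_plain_ran_code": visualize_data_vulnerable(
            {"vegalite_specification": PAYLOAD_PLAIN}) == my_pid,
        "vulnerable_dict_ran_code": visualize_data_vulnerable(
            {"vegalite_specification": PAYLOAD_DICT})["pid"] == my_pid,
        "fixed_accepts_benign": visualize_data_fixed(
            {"vegalite_specification": BENIGN_SPEC})["mark"],
        "fixed_rejects_plain": not spec_is_accepted(PAYLOAD_PLAIN),
        "fixed_rejects_dict": not spec_is_accepted(PAYLOAD_DICT),
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The second payload is the reason a string-level filter is not a fix: it contains the keys a validator would look for and still executes a call when evaluated. The JSON parser rejects both payloads for the same structural reason, that Python expressions are not JSON, and a payload that is valid JSON cannot contain executable code in the first place.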
CVE-2026-1977 is a medium severity code injection vulnerability affecting mcp-vegalite-server up to and including commit 16aefed598b8cd897b78e99b907f6e2984572c61. It allows an attacker who controls the vegalite_specification argument of the visualize_data tool to execute arbitrary code, because that argument is passed to eval.
If your checkout of mcp-vegalite-server is at or before commit 16aefed598b8cd897b78e99b907f6e2984572c61, you are affected. Because no fixed commit is identified, a later checkout is not automatically safe: inspect the installed server source and confirm that the vegalite_specification argument is no longer passed to eval.
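The commit-hash comparison above tells you whether you are inside the known-affected range but not whether a later checkout still contains the eval. The following added example, not part of this advisory or of the project, checks the installed source directly: it parses each Python file and reports every call to the builtin eval or exec together with the argument expression, so a hit on arguments['vegalite_specification'] (or on any other caller-controlled value) is immediately visible. It assumes the server is written in Python; the two sample sources are constructed to show a hit and a clean result.

```python
import ast
import sys
from pathlib import Path


def find_eval_calls(source: str) -> list[tuple[int, str]]:
    """Return (line number, argument text) for every call to the builtins
    eval() or exec() in a Python source string.  Walking the AST rather than
    grepping means comments and string literals mentioning eval are ignored,
    and the argument expression is reported so the reviewer can see at once
    whether it is caller-controlled."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id in ("eval", "exec")):
            arg = ast.unparse(node.args[0]) if node.args else ""
            hits.append((node.lineno, arg))
    return hits


def audit_tree(root: str) -> dict[str, list[tuple[int, str]]]:
    """Scan every .py file under root and map each offending file to its hits.
    Point this at the installed mcp-vegalite-server package directory."""
    findings = {}
    for path in sorted(Path(root).rglob("*.py")):
        try:
            hits = find_eval_calls(path.read_text(encoding="utf-8"))
        except (SyntaxError, UnicodeDecodeError):
            continue  # not parseable as Python 3; skip rather than abort the audit
        if hits:
            findings[str(path)] = hits
    return findings


# Constructed samples, not the project's source.  The first reproduces the
# pattern the advisory describes; the second is what a fix would look like,
# with "eval" appearing only in a comment and a string so the scanner must
# not report it.
VULNERABLE_SAMPLE = '''\
import json

async def call_tool(name, arguments):
    # CVE-2026-1977 pattern: the spec string is evaluated as Python
    if name == "visualize_data":
        spec = eval(arguments["vegalite_specification"])
        return render(spec)
'''

FIXED_SAMPLE = '''\
import json

async def call_tool(name, arguments):
    # never eval user input; the spec is JSON data
    note = "eval was removed here"
    if name == "visualize_data":
        spec = json.loads(arguments["vegalite_specification"])
        return render(spec)
'''


if __name__ == "__main__":
    # Usage: python audit_eval.py /path/to/site-packages/mcp_server_vegalite
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for file, hits in audit_tree(root).items():
        for line, arg in hits:
            print(f"{file}:{line}: eval/exec of {arg}")
```

Run it against the directory where the server package is installed; an empty result means no eval or exec call remains anywhere in the package, which is the condition the remediation text above asks you to confirm. A non-empty result lists exactly which expression is being evaluated, so a remaining call on a constant is distinguishable from one on tool arguments.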
Because of the rolling release model, no specific fixed version is identified. Monitor the project's release channels for a commit that removes the eval call; until then, the only reliable mitigation is to replace the eval with JSON parsing yourself or to stop exposing the visualize_data tool, and in either case run the server with minimal privileges.
A public proof-of-concept exploit is available, so exploitation is plausible even without a known campaign. Watch the mcp-vegalite-server process for behaviour a visualization server has no reason to exhibit: spawned child processes, unexpected outbound network connections, and writes outside its working directory. Logging tool-call arguments and flagging any vegalite_specification value that is not valid JSON will surface attempts directly.
Refer to the isaacwasserman project's official release notes and communication channels for updates regarding CVE-2026-1977.