Platform
python
Component
fermat-mcp
Fixed in
47.0.1
A code injection vulnerability has been identified in fermat-mcp, affecting versions up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. This flaw allows attackers to inject malicious code by manipulating arguments passed to the eqnchart function within the eqnchart.py file. The vulnerability is remotely exploitable and a public proof-of-concept exists, posing an immediate risk. Due to fermat-mcp's rolling release model, specific fixed versions are not available.
Successful exploitation of CVE-2026-2008 allows an attacker to execute arbitrary code on the system running fermat-mcp. This could lead to complete system compromise, including data theft, modification, or destruction. The remote accessibility of the vulnerability significantly broadens the attack surface, making it possible for attackers to exploit the flaw from anywhere with network access. The availability of a public proof-of-concept suggests that attackers are actively seeking to exploit this vulnerability, increasing the risk of widespread compromise.
This vulnerability is actively being exploited, as evidenced by the availability of a public proof-of-concept. While it has not been added to the CISA KEV catalog as of this writing, the public exploit and medium CVSS score suggest a moderate probability of exploitation. The project was notified early, but the rolling release model complicates timely patching.
Exploit Status
EPSS
0.09% (25th percentile)
CISA SSVC
CVSS Vector
Given fermat-mcp's rolling release model, a direct patch is not immediately available. Mitigation strategies should focus on limiting the attack surface and detecting potential exploitation attempts. Implement strict input validation for all arguments passed to the eqn_chart function, ensuring that only expected data types and formats are accepted. Consider using a Web Application Firewall (WAF) to filter out malicious requests. Monitor system logs for suspicious activity, such as unexpected code execution or unusual network connections. Due to the lack of a specific fix, continuous monitoring and proactive security measures are crucial. Verification after implementing these measures should involve testing input validation and monitoring for any signs of code injection.
Update the fermat-mcp library to a version later than 47f11def1cd37e45dd060f30cdce346cbdbd6f0a, if available. Otherwise, avoid using the eqn_chart function, or carefully sanitize the 'equations' input before passing it to the function so that injected code is rejected.
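As an added example (not fermat-mcp's own code), the input validation recommended above, applied to the 'equations' argument before it reaches the chart function. It assumes each equation is a string that the chart code later hands to a Python expression evaluator, so it rejects anything outside a small arithmetic grammar first; the function names, allowed identifiers and limits are assumptions, not values from the advisory.

```python
import ast
import re
from typing import List

# Hypothetical guard for the 'equations' argument of eqn_chart (not fermat-mcp's own code).
# Assumption: each equation is a string the chart code later evaluates as a Python
# expression, so the guard rejects anything outside a small arithmetic grammar first.

ALLOWED_NODES = (
    ast.Expression, ast.BinOp, ast.UnaryOp, ast.Constant, ast.Name, ast.Call, ast.Load,
    ast.Add, ast.Sub, ast.Mult, ast.Div, ast.Mod, ast.Pow, ast.USub, ast.UAdd,
)
ALLOWED_NAMES = {"x", "sin", "cos", "tan", "exp", "log", "sqrt", "pi", "e"}  # assumed set
MAX_LEN, MAX_EQUATIONS = 200, 10
_CHARSET = re.compile(r"^[0-9A-Za-z_+\-*/().^ ,]+$")  # no quotes, brackets or braces

class UnsafeEquation(ValueError):
    """Raised when an equation fails the allowlist check."""

def validate_equation(expr: str) -> str:
    """Return a normalised expression or raise UnsafeEquation; never evaluates it."""
    if not isinstance(expr, str):
        raise UnsafeEquation("equation must be a string")
    if len(expr) > MAX_LEN or not _CHARSET.match(expr):
        raise UnsafeEquation("disallowed characters or over-long input")
    src = expr.replace("^", "**")  # accept the usual math spelling of exponent
    try:
        tree = ast.parse(src, mode="eval")
    except SyntaxError:
        raise UnsafeEquation("not a valid expression") from None
    for node in ast.walk(tree):  # walk also yields operator and context nodes
        if not isinstance(node, ALLOWED_NODES):
            raise UnsafeEquation(f"disallowed syntax: {type(node).__name__}")
        if isinstance(node, ast.Name) and node.id not in ALLOWED_NAMES:
            raise UnsafeEquation(f"disallowed identifier: {node.id}")
        if isinstance(node, ast.Call) and not isinstance(node.func, ast.Name):
            raise UnsafeEquation("only direct calls to allowed functions")
        if isinstance(node, ast.Constant) and type(node.value) not in (int, float):
            raise UnsafeEquation("only numeric literals are permitted")
    return src

def validate_equations(equations: List[str]) -> List[str]:
    """Validate the whole 'equations' argument: a bounded list of safe strings."""
    if not isinstance(equations, list) or not 0 < len(equations) <= MAX_EQUATIONS:
        raise UnsafeEquation(f"expected 1..{MAX_EQUATIONS} equations in a list")
    return [validate_equation(eq) for eq in equations]
```

The check is deliberately an allowlist on the parsed syntax tree rather than a blocklist of suspicious substrings, so attribute access, subscripts, string literals and unknown names are all refused regardless of spelling.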
CVE-2026-2008 is a code injection vulnerability affecting fermat-mcp versions up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. Attackers can inject code by manipulating arguments, potentially leading to system compromise.
If you are using fermat-mcp versions up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a, you are potentially affected. The rolling release model means no specific fixed version is available.
Due to the rolling release, a direct patch is unavailable. Implement strict input validation, consider a WAF, and monitor system logs for suspicious activity.
Yes, a public proof-of-concept exists, indicating active exploitation is likely.
Refer to the fermat-mcp project's issue tracker and website for updates and advisories regarding CVE-2026-2008.