Platform: nodejs
Component: codebase-mcp
Fixed in: 3.0.1
CVE-2026-5023 describes a command injection vulnerability discovered in codebase-mcp, a component within the DeDeveloper23 project. This flaw allows attackers to execute arbitrary operating system commands locally, potentially leading to unauthorized access and control. The vulnerability affects versions up to 3ec749d237dd8eabbeef48657cf917275792fde6, and due to the project's rolling release model, specific fixed versions are not available.
The command injection vulnerability in codebase-mcp allows an attacker with local access to execute arbitrary commands on the system. This could involve gaining persistent access, stealing sensitive data, modifying system configurations, or even pivoting to other systems on the network. The ability to execute OS commands directly bypasses normal application security controls, making it a high-impact vulnerability. While the description specifies local exploitation, successful command execution could be leveraged to escalate privileges or compromise the underlying infrastructure, significantly expanding the blast radius.
This vulnerability has been publicly disclosed, which increases the risk of exploitation. The description states that the exploit may be used, which suggests a proof-of-concept exists. Because the vulnerable code is a Node.js component, any application that depends on this package may be affected. The lack of a specific fixed version, a consequence of the rolling release model, complicates remediation and makes compensating controls the main line of defence.
Exploit Status
EPSS: 0.51% (66th percentile)
Due to the rolling release model of codebase-mcp, a direct upgrade to a patched version is not currently available. Mitigation should focus on restricting local access to the codebase-mcp component and on monitoring. Apply strict access controls to limit which users or processes can reach the vulnerable functions. Validate and sanitise input before it reaches any code that spawns a process, so that attacker-controlled values cannot be interpreted as commands. Monitor process-creation and system logs for child processes spawned by the getCodebase/getRemoteCodebase/saveCodebase functions with unexpected arguments. A Web Application Firewall (WAF) or proxy can filter potentially malicious requests, although this is unlikely to help against locally triggered commands. There are no specific Sigma or YARA rules available at this time.
Update the codebase-mcp package to a version later than 3ec749d237dd8eabbeef48657cf917275792fde6, if available. Otherwise, review and correct the source code in src/tools/codebase.ts, specifically the getCodebase/getRemoteCodebase/saveCodebase functions, to prevent OS command injection.
CVE-2026-5023 is a command injection vulnerability in codebase-mcp, allowing attackers to execute OS commands locally. It affects versions up to 3ec749d237dd8eabbeef48657cf917275792fde6.
If you are using codebase-mcp versions up to 3ec749d237dd8eabbeef48657cf917275792fde6 and allow local access to the component, you are potentially affected.
Due to the rolling release model, a direct upgrade is unavailable. Focus on restricting local access, implementing input validation, and monitoring system logs.
The vulnerability has been publicly disclosed and may be used, indicating a potential for active exploitation.
Refer to the DeDeveloper23 project's official communication channels for updates and advisories regarding CVE-2026-5023.