coding-solo CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

coding-solo vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to coding-solo, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-25546 Godot MCP is a Model Context Protocol (MCP) server for interacting with the Godot game engine. Prior to version 0.1.1, a command injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlled input (e.g., projectPath) directly to exec(), which spawns a shell. An attacker could inject shell metacharacters like $(command) or &calc to execute arbitrary commands with the privileges of the MCP server process. This affects any tool that accepts [email protected] 7.8 0.85% 2026-02-04 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence