Vulnerabilities

CVE-2026-2131

by Fred · 08/02/2026

A vulnerability was identified in XixianLiang HarmonyOS-mcp-server 0.1.0. This vulnerability affects the function input_text. The manipulation of the argument text leads to os command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

More information : https://github.com/scanleale/MCP_sec/blob/main/HarmonyOS-mcp-server%20RCE%20vulnerability.md

Similar

Tags: Cybersecurity Alert