{"data":{"id":"074f2cab-91c9-4279-ad1b-2b9a57c82e49","title":"GHSA-3pvh-63gf-j9mw: LangBot: Authenticated RCE Via MCP Configuration","summary":"Authenticated users of LangBot can run any command they want on the server by adding a malicious STDIO MCP (a plugin system that executes external programs) through the Extensions settings. An attacker who logs in (either through their own account or stolen credentials) can configure the MCP to run arbitrary commands, giving them complete control over the machine.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-3pvh-63gf-j9mw","publishedAt":"2026-07-15T17:39:34.000Z","cveId":"CVE-2026-54449","cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["langbot@<= 4.10.5"],"affectedVendors":["Anthropic"],"affectedVendorsRaw":["LangBot","Anthropic","Model Context Protocol"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-07-15T17:39:34.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"plugin","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":["AML.T0010"]}}