{"data":{"id":"4326f261-14f1-49ba-8de6-21c26f58936e","title":"CVE-2026-7061: A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown funct","summary":"A vulnerability (CVE-2026-7061) was found in Toowiredd chatgpt-mcp-server version 0.1.0 that allows OS command injection (running unauthorized system commands on a server through malicious input) in the MCP/HTTP component. The flaw can be exploited remotely by attackers, and public exploit code is already available, but the developers have not yet responded to the security report.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-7061","publishedAt":"2026-04-26T22:17:33.817Z","cveId":"CVE-2026-7061","cweIds":["CWE-77","CWE-78"],"cvssScore":"7.3","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Toowiredd chatgpt-mcp-server"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","attackVector":"network","attackComplexity":"low","privilegesRequired":"none","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-26T22:17:33.817Z","capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}