CVE-2026-7416 | PolarVista xcode-mcp-server 1.0.0 MCP Interface src/index.ts build_project/run_tests Request os command injection

A vulnerability categorized as critical has been discovered in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in os command injection.

This vulnerability is cataloged as CVE-2026-7416. The attack may be launched remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More