CVE-2026-22688 | Tencent WeKnora up to 0.2.4 MCP stdio Setting command injection (GHSA-78h3-63c4-5fqc)

A vulnerability labeled as critical has been found in Tencent WeKnora up to 0.2.4. Affected by this vulnerability is an unknown functionality of the component MCP stdio Setting Handler. Such manipulation leads to command injection.

This vulnerability is documented as CVE-2026-22688. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More