CVE-2026-2008
Published: 06 February 2026
Description
A vulnerability was detected in abhiphile fermat-mcp up to commit 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. It affects the function eqn_chart in the file fmcp/mpl_mcp/core/eqn_chart.py: manipulation of the argument equations results in code injection. The attack can be initiated remotely. The exploit is now public and may be used. This product uses a rolling release to provide continuous delivery, so no version details for affected or updated releases are available. The project was informed of the problem early through an issue report but has not responded yet.
Mitigating Controls (NIST 800-53 r5)
- Directly prevents code injection by requiring validation and sanitization of the untrusted 'equations' input argument in eqn_chart.py.
- Mandates timely remediation of the known code injection flaw, addressing the lack of patches in the rolling release model.
- Enables monitoring for anomalous behavior indicative of code injection exploitation, given the public exploit availability.
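The first control above asks for validation of the 'equations' argument. The advisory does not show how eqn_chart evaluates those strings, so the example below is an added illustration, not code from fermat-mcp: it assumes the common root cause of this bug class (an equation string handed to eval()) and places it beside a hardened evaluator that parses the string with the ast module and only executes arithmetic on x plus an allow-list of math functions. The names eqn_chart_unsafe, eqn_chart_safe, compile_equation and INJECTED are illustrative, and the payload is constructed for the demonstration.

```python
# Added example, not fermat-mcp code. The eval() pattern is an assumption about
# the bug class, not a statement about what eqn_chart.py actually does.
import ast
import math
import operator

INJECTED = []  # constructed side-effect sink: shows eval() ran attacker-controlled code


def eqn_chart_unsafe(equations, xs):
    """Assumed vulnerable pattern: user strings reach eval() with module globals,
    so any Python expression in 'equations' executes on the server."""
    return [[eval(eq, globals(), {"x": x}) for x in xs] for eq in equations]


def injection_demo():
    """Run the unsafe path on a benign constructed payload; return what leaked."""
    INJECTED.clear()
    eqn_chart_unsafe(["INJECTED.append('pwned') or x"], [1.0, 2.0])
    return list(INJECTED)


# --- hardened evaluator: allow-list the grammar, never call eval() -------------
_BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
            ast.Div: operator.truediv, ast.Pow: operator.pow, ast.Mod: operator.mod}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}
_FUNCS = {"sin": math.sin, "cos": math.cos, "tan": math.tan, "exp": math.exp,
          "log": math.log, "sqrt": math.sqrt, "abs": abs}
_CONSTS = {"pi": math.pi, "e": math.e}
MAX_LEN = 200  # bounds parser work and recursion depth for a remote caller


def _validate(node):
    """Reject anything outside the allow-list before a single value is computed."""
    if isinstance(node, ast.Constant):
        if isinstance(node.value, bool) or not isinstance(node.value, (int, float)):
            raise ValueError("only numeric literals are allowed")
    elif isinstance(node, ast.Name):
        if node.id != "x" and node.id not in _CONSTS:
            raise ValueError(f"unknown name {node.id!r}")
    elif isinstance(node, ast.UnaryOp):
        if type(node.op) not in _UNARY_OPS:
            raise ValueError("unsupported unary operator")
        _validate(node.operand)
    elif isinstance(node, ast.BinOp):
        if type(node.op) not in _BIN_OPS:
            raise ValueError("unsupported binary operator")
        _validate(node.left)
        _validate(node.right)
    elif isinstance(node, ast.Call):
        if not isinstance(node.func, ast.Name) or node.func.id not in _FUNCS:
            raise ValueError("only allow-listed math functions may be called")
        if node.keywords or len(node.args) != 1:
            raise ValueError("math functions take exactly one positional argument")
        _validate(node.args[0])
    else:
        # Attribute, Subscript, Lambda, IfExp, comprehensions, f-strings all land
        # here, which blocks "__import__('os')..." and "().__class__..." chains.
        raise ValueError(f"disallowed syntax: {type(node).__name__}")


def _eval(node, x):
    """Evaluate a validated tree; everything is float, so big-int blowups cannot occur."""
    if isinstance(node, ast.Constant):
        return float(node.value)
    if isinstance(node, ast.Name):
        return x if node.id == "x" else _CONSTS[node.id]
    if isinstance(node, ast.UnaryOp):
        return _UNARY_OPS[type(node.op)](_eval(node.operand, x))
    if isinstance(node, ast.BinOp):
        return _BIN_OPS[type(node.op)](_eval(node.left, x), _eval(node.right, x))
    return _FUNCS[node.func.id](_eval(node.args[0], x))  # only Call remains


def compile_equation(text):
    """Parse and validate once; returns f(x). Raises ValueError on any bad input."""
    if len(text) > MAX_LEN:
        raise ValueError("equation too long")
    try:
        tree = ast.parse(text, mode="eval")
    except (SyntaxError, ValueError) as exc:  # ValueError covers embedded NUL bytes
        raise ValueError(f"not a valid expression: {exc}") from None
    _validate(tree.body)
    return lambda x: _eval(tree.body, float(x))


def rejects(text):
    """True if compile_equation refuses the string (useful for tests and audits)."""
    try:
        compile_equation(text)
        return False
    except ValueError:
        return True


def _point(f, x):
    try:
        return f(x)
    except (ZeroDivisionError, ValueError, OverflowError):
        return math.nan  # domain errors and overflow become chart gaps, not crashes


def eqn_chart_safe(equations, xs):
    """Same result shape as the unsafe version; malformed input raises ValueError."""
    compiled = [compile_equation(eq) for eq in equations]
    return [[_point(f, x) for x in xs] for f in compiled]
```

The design point is an allow-list of syntax rather than a denylist of substrings: filtering "__import__" or "os." from the string still leaves attribute access and subclass gadget chains, whereas refusing every AST node type the charting use case does not need closes the class. Because PR:L in the CVSS vector means any authenticated MCP client can reach the tool, the same grammar check belongs at the MCP tool boundary regardless of which expression engine the project actually uses.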
Security Summary
CVE-2026-2008 is a code injection vulnerability (CWE-74, CWE-94) in the abhiphile/fermat-mcp project, affecting the eqn_chart function in the file fmcp/mpl_mcp/core/eqn_chart.py. The flaw arises from manipulation of the 'equations' argument and impacts commits up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a. Published on 2026-02-06, it carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
An attacker with low privileges can exploit this vulnerability remotely with low complexity and no user interaction. Successful exploitation enables code injection, resulting in limited impacts to confidentiality, integrity, and availability.
The project employs a rolling release model, providing no specific details on affected or updated versions. It was informed early via GitHub issue #9 but has not responded. An exploit is public, with further details available in the repository at https://github.com/abhiphile/fermat-mcp/, the issue tracker at https://github.com/abhiphile/fermat-mcp/issues/9 and https://github.com/abhiphile/fermat-mcp/issues/9#issue-3837794397, and VulDB at https://vuldb.com/?ctiid.344590 and https://vuldb.com/?id.344590. No patches or mitigations are documented.
Details
- CWE(s): CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection'), CWE-94 (Improper Control of Generation of Code, 'Code Injection')
- Affected Products: abhiphile/fermat-mcp, all commits up to 47f11def1cd37e45dd060f30cdce346cbdbd6f0a (rolling release, no version numbers)
AI Security Analysis
- AI Category: AI Agent Protocols and Integrations
- Risk Domain: Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025: None mapped
- MITRE ATLAS Techniques: None mapped
- Classification Reason: Matched keywords: mcp
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1059.006 Command and Scripting Interpreter: Python
Why these techniques?
A code injection vulnerability in a remotely reachable Python service (AV:N/PR:L) lets an attacker exploit a public-facing application (T1190) and execute arbitrary Python code (T1059.006).