CVE-2026-30635

HighRCE

Published: 11 May 2026

Published

11 May 2026

Modified

12 May 2026

KEV Added

—

Patch

—

CVSS Score 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0017 37.9th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-30635 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 8.1 (High).

Operationally, ranked at the 37.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SC-27 Platform-independent Applications

addresses: CWE-78

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

SI-10 Information Input Validation

addresses: CWE-78

Validates inputs to block special elements that would alter OS command execution.

NVD Description

Command injection vulnerability in automagik-genie 2.5.27 MCP Server allows attackers to execute arbitrary commands via the view_task (aka view) in the readTranscriptFromCommit function in dist/mcp/server.js when a user reads from an external FORGE_BASE_URL.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-78

AI Security AnalysisAI

AI Category: AI Agent Protocols and Integrations
Risk Domain: Protocol-Specific Risks
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: mcp, mcp

References

https://gist.github.com/spdc-elm/3ddecd10ffa85c5963ab7fe531619875
cve@mitre.org
https://gist.github.com/spdc-elm/3ddecd10ffa85c5963ab7fe531619875
134c704f-9b21-4f2e-91b3-4a467353bcc0