Description
A vulnerability was found in r-huijts xcode-mcp-server up to f3419f00117aa9949e326f78cc940166c88f18cb. This affects the function registerXcodeTools of the file src/tools/xcode/index.ts of the component run_lldb. The manipulation of the argument args results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The patch is identified as 11f8d6bacadd153beee649f92a78a9dad761f56f. Applying a patch is advised to resolve this issue.
Published: 2026-02-08
Score: 5.3 Medium
EPSS: 3.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the registerXcodeTools function of the run_lldb component causes unfiltered user data to be fed directly to the operating system’s shell, enabling a classic command‑injection weakness (CWE‑74 and CWE‑77). An attacker can supply crafted arguments that will be executed as shell commands on the host running the service. The service accepts requests over the network, so the exploitation can occur remotely without local privileges, allowing arbitrary command execution, data exfiltration, or further system compromise.

Affected Systems

The vulnerability impacts the r‑huijts xcode-mcp-server service, specifically its run_lldb component. All builds taken from the repository history up to commit f3419f00117aa9949e326f78cc940166c88f18cb are affected. Because the project follows a rolling‑release model, exact release numbers are not defined; the only reliable marker of a vulnerable state is the commit hash noted in the advisory.

Risk and Exploitability

The CVSS score of 5.3 denotes moderate severity, while the EPSS score of 3% indicates a relatively low current exploitation probability. The issue is not listed in the CISA KEV catalog. Exploitation requires only that an attacker can send crafted requests to the run_lldb component over the network; the description mentions no additional authentication or privilege‑escalation requirement.

Generated by OpenCVE AI on June 18, 2026 at 11:08 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the commit 11f8d6bacadd153beee649f92a78a9dad761f56f to the source code and redeploy the service
  • Use a newer release of xcode-mcp-server that incorporates the fix
  • If a patch cannot be applied immediately, limit network access to the run_lldb component to prevent remote exploitation
  • Implement input validation and sanitization for the registerXcodeTools function to eliminate command‑injection paths, following CWE‑77 guidance


Advisories
Source | ID | Title
GitHub GHSA | GHSA-84fx-pwf3-7777 | xcode-mcp-server vulnerable to Command Injection
History

Thu, 05 Mar 2026 21:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | R-huijts xcode Mcp Server
CPEs | (none) | cpe:2.3:a:r-huijts:xcode_mcp_server:*:*:*:*:*:*:*:*
Vendors & Products | (none) | R-huijts xcode Mcp Server

Mon, 09 Feb 2026 18:15:00 +0000

Type | Values Removed | Values Added
Metrics | (none) | ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Feb 2026 11:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | (none) | R-huijts; R-huijts xcode-mcp-server
Vendors & Products | (none) | R-huijts; R-huijts xcode-mcp-server

Sun, 08 Feb 2026 19:15:00 +0000

Type | Values Removed | Values Added
Description | (none) | A vulnerability was found in r-huijts xcode-mcp-server up to f3419f00117aa9949e326f78cc940166c88f18cb. This affects the function registerXcodeTools of the file src/tools/xcode/index.ts of the component run_lldb. The manipulation of the argument args results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available. The patch is identified as 11f8d6bacadd153beee649f92a78a9dad761f56f. Applying a patch is advised to resolve this issue.
Title | (none) | r-huijts xcode-mcp-server run_lldb index.ts registerXcodeTools command injection
Weaknesses | (none) | CWE-74, CWE-77
References | (none) |
Metrics | (none) | cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T09:47:43.782Z

Reserved: 2026-02-07T15:13:49.484Z

Link: CVE-2026-2178

Vulnrichment

Updated: 2026-02-09T17:40:05.311Z

NVD

Status : Analyzed

Published: 2026-02-08T19:16:22.313

Modified: 2026-06-17T10:30:28.820

Link: CVE-2026-2178

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T11:15:03Z

Weaknesses
  • CWE-74

    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')