Description
MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanitization leads to remote code execution. This vulnerability is fixed in 0.1.1.
Published: 2026-05-15
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from the use of Python's eval() to process mathematical expressions submitted over the MCP protocol. Because the input is not sanitized, an attacker can embed arbitrary Python code, which the server executes with the privileges of the process. This flaw allows an attacker to run any command, read or modify data, or take full control of the underlying system. The weakness corresponds to CWE‑94 (Code Injection) and the insecure use of eval reflects CWE‑1427.

Affected Systems

All releases of MCP Calculate Server prior to version 0.1.1 are affected. The product, developed by 611711Dark, is a mathematical calculation service that relies on SymPy. Users running any version before the security update are vulnerable.

Risk and Exploitability

The CVSS score of 9.8 indicates critical severity, and the lack of an EPSS assessment suggests no publicly reported exploitation yet, but the flaw remains exploitable by anyone who can connect to the MCP service. The vulnerability is listed as not in the CISA KEV catalog, but its high impact and ease of exploitation mean the recommended posture is to apply the fix immediately. The likely attack path involves sending a malicious mathematical expression through the MCP protocol, which is executed directly by eval(), giving the attacker remote code execution on the host.

Generated by OpenCVE AI on May 15, 2026 at 18:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade MCP Calculate Server to version 0.1.1 or later, which removes the eval() call.
  • Validate or sanitize all input mathematical expressions before evaluation, allowing only safe symbols and operations.
  • Restrict access to the MCP protocol endpoint to trusted networks or enforce authentication to limit exposure to untrusted users.

Generated by OpenCVE AI on May 15, 2026 at 18:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 15 May 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 15 May 2026 17:15:00 +0000

Type Values Removed Values Added
Description MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanitization leads to remote code execution. This vulnerability is fixed in 0.1.1.
Title MCP Calculate Server: Prompt Injection to RCE
Weaknesses CWE-1427
CWE-94
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-15T17:25:39.779Z

Reserved: 2026-05-07T18:04:17.307Z

Link: CVE-2026-44717

cve-icon Vulnrichment

Updated: 2026-05-15T17:25:34.852Z

cve-icon NVD

Status : Received

Published: 2026-05-15T17:16:48.073

Modified: 2026-05-15T17:16:48.073

Link: CVE-2026-44717

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T18:30:05Z

Weaknesses