top of page
perceptive_background_267k.jpg

A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of t…

Published:

26 April 2026 at 22:00:00

Alert date:

27 April 2026 at 22:02:51

Source:

nvd.nist.gov

Click to open the original link from this advisory

Supply Chain & Dependencies, Web Technologies

A command injection vulnerability has been discovered in disler aider-mcp-server up to commit b2516fa. The flaw affects an unknown functionality in the server.py file of the aider_ai_code component. The vulnerability can be exploited remotely through manipulation of the relative_editable_files argument. An exploit has been published and is available for use. The project maintainers were notified early but have not responded yet. The product uses rolling releases making version tracking difficult.

Technical details

Mitigation steps:

Affected products:

aider-mcp-server

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7157
https://github.com/disler/aider-mcp-server/
https://github.com/disler/aider-mcp-server/issues/16
https://vuldb.com/submit/802061
https://vuldb.com/vuln/359756
https://vuldb.com/vuln/359756/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page