top of page
perceptive_background_267k.jpg

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mc…

Published:

27 april 2026 om 22:00:00

Alert date:

28 april 2026 om 21:20:20

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Supply Chain & Dependencies

CVE-2026-7220 affects jackwrichards FastlyMCP up to commit 6f3d0b0e654fc51076badc7fa16c03c461f95620. The vulnerability exists in the fastly-mcp.mjs file of the fastly_cli Tool component. An attacker can manipulate the command argument to achieve OS command injection. The attack can be initiated remotely and the exploit has been publicly disclosed. The project uses rolling releases making version tracking difficult. The maintainer has been notified through an issue report but has not responded yet.

Technical details

Mitigation steps:

Affected products:

FastlyMCP

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7220
https://github.com/jackwrichards/FastlyMCP/
https://github.com/jackwrichards/FastlyMCP/issues/3
https://vuldb.com/submit/802138
https://vuldb.com/vuln/359820
https://vuldb.com/vuln/359820/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page