CVE-2026-30617 — HIGH (8.6)

Vulnerability Description

LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and arguments. When the MCP server is started and MCP is enabled for agent execution, subsequent agent activity triggers execution of arbitrary commands on the server. Successful exploitation allows arbitrary command execution within the context of the LangChain-ChatChat service.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

HIGH

Related Weaknesses (CWE)

CWE-77

References

https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-acros

FAQ

What is CVE-2026-30617?

CVE-2026-30617 is a vulnerability with a CVSS score of 8.6 (HIGH). LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its MCP STDIO server configuration and execution handling. A remote attacker can access the publicly exposed MCP management i...

How severe is CVE-2026-30617?

CVE-2026-30617 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-30617?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.