CVE-2026-1977

🟡 MEDIUM

Published

Feb 06, 2026

Last Modified

Feb 06, 2026

Views

Bookmarks

Description

Request Expert Review

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualize_data. Such manipulation of the argument vegalite_specification leads to code injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.

CVSS Scores

CVSS 3.1 6.3

6.3

MEDIUM

CVSS 2.0 6.3

References

github.com github.com vuldb.com vuldb.com vuldb.com

Additional Information

Source: cna@vuldb.com
State: Received

Related CVEs

CVE-2026-1990

LOW

A security vulnerability has been detected in oatpp up to 1.3.1. This impacts the function oatpp::data::type::ObjectWrapper::ObjectWrapper of the file...

Score: 3.3

CVE-2026-1979

MEDIUM

A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization....

Score: 5.3

CVE-2026-1978

MEDIUM

A vulnerability was detected in kalyan02 NanoCMS up to 0.4. Affected by this issue is some unknown functionality of the file /data/pagesdata.txt of th...

Score: 5.3

CVE-2025-15566

HIGH

A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inje...

Score: 8.8

CVE-2026-1976

MEDIUM

A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes...

Score: 5.3

CVE-2026-1975

MEDIUM

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulatio...

Score: 5.3

Share CVE-2026-1977

Share on Social Media

Copy Link

Embed Code

HTML Embed (for websites/blogs)

Markdown (for GitHub/Discord)

Request Expert Analysis

Request a professional security analysis for CVE-2026-1977 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Priority Level

SLA Acceleration (50% faster delivery)

Add 3 credits for accelerated delivery

Additional Context (Optional)

Base Cost: 8 credits

Priority Upgrade: + credits

SLA Acceleration: +3 credits

Total Cost:

Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

CVE-2026-1977

Description

CVSS Scores

References

Additional Information

Related CVEs

CVE-2026-1990

CVE-2026-1979

CVE-2026-1978

CVE-2025-15566

CVE-2026-1976

CVE-2026-1975

Share CVE-2026-1977

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Credits System

Insufficient Credits

Report Analysis