CNNVD-202602-1071 Information

CNNVD ID

CNNVD-202602-1071

Related CVE

CVE-2026-1977

• CNNVD Published: 2026-02-06

Description (Chinese)

Data Visualization MCP Server是Isaac Wasserman个人开发者的一个用于数据可视化的上下文协议服务器。 Data Visualization MCP Server存在代码注入漏洞，该漏洞源于对参数vegalite_specification的错误操作，可能导致代码注入。

Description (English)

Data Vision MCP Server is a context protocol server for data visualization by Isaac Wasserman’s personal developer. Data Vision MCP Server has a code-injection loophole, which results from an error in the parameter vegalite specification, which may result in a code-injection.

Hazard Level

High

Vulnerability Type

代码注入

Affected Vendor

个人开发者

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/isaacwasserman/mcp-vegalite-server/ https://github.com/isaacwasserman/mcp-vegalite-server/issues/9 https://vuldb.com/?ctiid.344499 https://vuldb.com/?id.344499 https://vuldb.com/?submit.743246