Vulnerability Summary 1. Vulnerability Overview CVE ID: CVE-2026-5802 CVSS Score: 6.6 (Critical) Vulnerability Type: OS Command Injection Detailed Description: A critical vulnerability was discovered in the of the component. Attackers can exploit this by manipulating the parameter to achieve remote OS command injection. The vulnerability is unauthenticated and easy to exploit. 2. Affected Scope Vendor: idachev Product Name: mcp-javac (Artificial Intelligence Software) Affected Versions: 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4 (i.e., versions up to and including 1.2.4) 3. Remediation Official Recommendation: No mitigation is currently known. Recommended Action: Replace the affected component with an alternative product. 4. POC/Exploit Code The page indicates that Proof-of-Concept (PoC) exploit code for this vulnerability has been publicly shared on GitHub, though the specific code blocks are not directly included in the screenshots. Related Resources**: (Product link) and (SCIP Labs).