CVE-2026-25546: godot-mcp has Command Injection via unsanitized projectPath
(updated )
A Command Injection vulnerability in godot-mcp allows remote code execution. The executeOperation function passed user-controlled input (e.g., projectPath) directly to exec(), which spawns a shell. An attacker could inject shell metacharacters like $(command) or &calc to execute arbitrary commands with the privileges of the MCP server process.
This affects any tool that accepts projectPath, including create_scene, add_node, load_sprite, and others.
References
- github.com/Coding-Solo/godot-mcp
- github.com/Coding-Solo/godot-mcp/commit/21c785d923cfdb471ea60323c13807d62dfecc5a
- github.com/Coding-Solo/godot-mcp/issues/64
- github.com/Coding-Solo/godot-mcp/pull/67
- github.com/Coding-Solo/godot-mcp/security/advisories/GHSA-8jx2-rhfh-q928
- github.com/advisories/GHSA-8jx2-rhfh-q928
- nvd.nist.gov/vuln/detail/CVE-2026-25546
Code Behaviors & Features
Detect and mitigate CVE-2026-25546 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →