Threat Intel

v0.1

← CVEs

CVE-2026-2178

MED 6.3
Published
2026-02-08
Last Modified
2026-03-05
Affected Apps
13
Affected Devices
27
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
A vulnerability was found in r-huijts xcode-mcp-server up to f3419f00117aa9949e326f78cc940166c88f18cb. This affects the function registerXcodeTools of the file src/tools/xcode/index.ts of the component run_lldb. The manipulation of the argument args results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The patch is identified as 11f8d6bacadd153beee649f92a78a9dad761f56f. Applying a patch is advised to resolve this issue.
Affected Applications in Environment 13
XCode v4.6 (2066)
1 device
XCode v16.0 (23051)
1 device
XCode v26.4 (24909)
7 devices
XCode v26.3 (24587)
7 devices
XCode v15.4 (22622)
1 device
XCode v26.2 (24553)
3 devices
XCode v16.4 (23792)
3 devices
XCode v26.0.1 (24229)
1 device
XCode v26.1.1 (24455)
1 device
XCode v26.3 (24553)
2 devices
XCode
1 device
XCode v16.2 (23507)
1 device
server v1.0.0.0
1 device
Affected Devices 27
Charless-MacBook-Pro.local Mac EBB107-01 Windows ITCL-Mac1 Mac ITCL-TestMac Mac Kotaro Mac MacBook-Pro.local Mac a00014897-WP6XYPPF74 Mac a00015523-HL9P9L0MC7 Mac a00308859-C7J9FPH65Q Mac a00430119-QHWX7JKQ5G Mac a00932230-C42HWM7VN6 Mac a00957369-K6KVHY00C5 Mac a01099603-GXQ5MWJ9H7 Mac a01112421-M9N03L39N7 Mac a01312983-R64DXM900C Mac a02213466-C2V9D4WYJM Mac a02324477-RR73X1VHHP Mac a02399564-MHQGVYK2LX Mac a02428741-GV6T7QHTH3 Mac a02445096-F7X25WX1NF Mac a02445852-KWJ4R6L6GV Mac a02462004-FVKH5QCYT2 Mac a02462088-J9KG9CCXX3 Mac a02462088-M5274P9JTG Mac adamthomas-H73N967GM2 Mac itcl-macmini-server.urlab.usu.edu Mac moe-pro-2023 Mac
References 7