VIR Vulnerability Intelligence Relay

Package impact

python PyPI / stata-mcp

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-47708 unknown 16h ago MCP-for-Stata: Command injection via log_file_name parameter in Stata command wrapper
CVE-2026-31040 unknown 2mo ago stata-mcp has insufficient validation of user-supplied Stata do-file content that can lead to command execution