This vulnerability involves command injection in the automagik-genie 2.5.27 MCP Server, specifically in the readTranscriptFromCommit function within dist/mcp/server.js. An attacker can exploit the view_task (also known as view) parameter to execute arbitrary commands if the server reads data from an external FORGE_BASE_URL. The vulnerability was published on May 11, 2026, but no CVSS score or remediation details are provided. The affected versions are unspecified beyond 2.5.27, and no patch or fix information is currently available.

Successful exploitation could allow an attacker to execute arbitrary commands on the affected server, potentially leading to full system compromise depending on the server's privileges. This could impact confidentiality, integrity, and availability of the system running automagik-genie MCP Server. However, no known exploits have been reported in the wild to date.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid reading from untrusted external FORGE_BASE_URL sources or restrict access to the vulnerable functionality. Monitor vendor communications for updates on patches or mitigations.