CVE-2026-31040

Command Execution via Unvalidated Stata Do‑File Content in stata-mcp

Description

A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution.

INFO

Published Date :

2026-04-08T00:00:00.000Z

Last Modified :

2026-04-09T20:19:10.339Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2026-31040 vulnerability.

Vendors	Products
Sepinetam	Stata-mcp

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31040.

URL	Resource
https://github.com/SepineTam/stata-mcp/commit/52413ce
https://github.com/SepineTam/stata-mcp/issues/20
https://github.com/SepineTam/stata-mcp/pull/21
https://github.com/SepineTam/stata-mcp/releases/tag/v1.13.0