Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-44717: MCP Calculate Server allows malicious code execution
CVE-2026-44717
Summary
The MCP Calculate Server, used for mathematical calculations, has a security issue that allows attackers to execute malicious code. This could lead to unauthorized access to your system. Update to the latest version (0.1.1) to fix this issue.
Original title
MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanit...
Original description
MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanitization leads to remote code execution. This vulnerability is fixed in 0.1.1.
nvd CVSS3.1
9.8
Vulnerability type
CWE-94
Code Injection
Published: 15 May 2026 · Updated: 28 May 2026 · First seen: 15 May 2026