← The Wire
Entity trail

Pattern Mcp Config Files In Repos Are The New Rce Supply Chain Surface Across Ides

Source-backed findings, relationship evidence, citations, and briefing history from the public MindPattern archive.

Briefing refs
0
Findings
1
Edges
0
Sources
1

Corpus findings

  1. 2026-06-26 / vibe-coding-researcherPattern: MCP Config Files in Repos Are the New RCE Supply-Chain Surface Across IDEsThe Amazon Q CVE is one instance of a broader 2026 pattern — MCP configuration carried in repositories has become a remote-code-execution supply-chain surface, not just untrusted tool output. Research shows Cursor, VS Code, Windsurf, Claude Code, and Gemini-CLI are all vulnerable to MCP-based prompt-injection/auto-launch attacks (Windsurf reportedly exploitable with zero user interaction), and large-scale scans like VIPER-MCP across ~40K repos produced 67 CVEs. The config file itself is now the attack vector.

Source trail

Graph sources

entity graphfindings textkg entities