CVE-2026-23882 — Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are execut — CVE Database · The Intelligence Room