A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b . It has been rated as critical . Impacted is the function Open of the file src/blender_mcp/server.py . The manipulation of the argument input_image_url leads to injection. This vulnerability is referenced as CVE-2026-10661 . Remote exploitation of the attack is possible. Furthermore, an exploit is available. This product follows a rolling release approach for continuous delivery, so version details