The mono debugger scripts (mdb and mdb-symbolreader) misuse the LD_LIBRARY_PATH environment variable (empty case) which could allow loading shared libraries from the current directory.
Upstream has released 2.8.1 which contains the fix for this issue.
This patch could probably be backported to mono-debugger-2.6:
Fixed packages have been stabilized via 352808 and, for ppc only, 359651.
GLSA Vote: yes.
Vote: YES. New GLSA request filed.
This issue was resolved and addressed in
GLSA 201206-13 at http://security.gentoo.org/glsa/glsa-201206-13.xml
by GLSA coordinator Tobias Heinlein (keytoaster).