CVE-2025-11491 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.…
Medium CVSS: 5.3

CVE-2025-11491

A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Vendor
Wonderwhy-er
Product
Desktopcommandermcp
CWE
CWE-77
Yayın Tarihi
2025-10-08 19:15:44
Güncelleme
2025-12-12 18:35:12
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-77 Desktopcommandermcp MEDIUM Wonderwhy-er 2025

Referanslar

https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/217 https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/217#issue-3343853704 https://vuldb.com/?ctiid.327610 https://vuldb.com/?id.327610 https://vuldb.com/?submit.668006