CVE-2025-61489 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted…
Medium CVSS: 6.5

CVE-2025-61489

A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string.
Vendor
Sonirico
Product
Mcp-shell
CWE
CWE-77
Yayın Tarihi
2026-01-07 17:16:00
Güncelleme
2026-01-29 01:13:50
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-77 Mcp-shell MEDIUM Sonirico 2026

Referanslar

https://github.com/sonirico/mcp-shell https://github.com/sonirico/mcp-shell/issues/4