Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/07 8:56 p.m.6 views

CVE-2025-12489

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS7.6AI score0.01386EPSS
Exploits0References1
NVD
NVD
added 2025/11/06 9:15 p.m.5 views

CVE-2025-12489

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS0.01386EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/06 8:46 p.m.5 views

Command Injection

Overview evernote-mcp-server is a MCP Server for Evernote unofficial Affected versions of this package are vulnerable to Command Injection via the openBrowser function. An attacker can execute arbitrary code with elevated privileges by supplying crafted input that is used in a system call without...

7.8CVSS7.9AI score0.01386EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/06 8:11 p.m.3 views

CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS7.3AI score0.01386EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 8:11 p.m.8 views

CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS0.01386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.5 views

PT-2025-44567

Name of the Vulnerable Software and Affected Versions evernote-mcp-server affected versions not specified Description The evernote-mcp-server software contains a command injection flaw in the openBrowser function. Successful exploitation of this issue could lead to privilege escalation...

7.8CVSS7AI score0.01386EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2025/10/30 12:0 a.m.6 views

evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the openBrowser...

7.8CVSS7.4AI score0.01386EPSS
Exploits0References1
Rows per page
Query Builder