7 matches found
CVE-2025-12489
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-12489
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...
Command Injection
Overview evernote-mcp-server is a MCP Server for Evernote unofficial Affected versions of this package are vulnerable to Command Injection via the openBrowser function. An attacker can execute arbitrary code with elevated privileges by supplying crafted input that is used in a system call without...
CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...
CVE-2025-12489 evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in...
PT-2025-44567
Name of the Vulnerable Software and Affected Versions evernote-mcp-server affected versions not specified Description The evernote-mcp-server software contains a command injection flaw in the openBrowser function. Successful exploitation of this issue could lead to privilege escalation...
evernote-mcp-server openBrowser Command Injection Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of evernote-mcp-server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the openBrowser...