Lucene search
+L

5 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26205

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01349EPSS
Exploits0References6
veracode
veracode
added 2025/09/29 10:46 a.m.7 views

OS Command Injection

@aiondadotcom/mcp-ssh is vulnerable to OS command injection. The vulnerability is due to insufficient input validation in the file server-simple.mjs component, which allows unsanitized data to be incorporated into system-level command execution and therefore enables an attacker to execute arbitra...

6.5CVSS8AI score0.01349EPSS
Exploits0References6Affected Software1
snyk
snyk
added 2025/08/29 3:30 p.m.5 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview @aiondadotcom/mcp-ssh is a MCP Agent for managing SSH hosts - A Model Context Protocol server for SSH operations Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to using the execAsync...

6.5CVSS7.5AI score0.01349EPSS
Exploits0References2
nvd
nvd
added 2025/08/29 3:15 p.m.7 views

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

6.5CVSS0.01349EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/08/29 3:2 p.m.1 views

CVE-2025-9654 AiondaDotCom mcp-ssh server-simple.mjs command injection

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

6.5CVSS6.8AI score0.01349EPSS
Exploits0References5
Rows per page
Query Builder