Lucene search
K

5 matches found

Veracode
Veracode
added 2025/11/06 9:25 a.m.6 views

Command Injection

adb-mcp Server is vulnerable to Command Injection. The vulnerability is due to improper handling of user-supplied input in certain MCP Server tool definitions and implementations, which allows an attacker to inject and execute arbitrary system commands...

9.8CVSS7.5AI score0.0227EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-31042

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.0227EPSS
Exploits1References5
CVE
CVE
added 2025/09/25 1:41 p.m.27 views

CVE-2025-59834

CVE-2025-59834 affects the adb-mcp MCP Server. The vulnerability stems from constructing shell commands by concatenating untrusted input (notably the device parameter) in executeAdbCommand, enabling remote command injection via the MCP Server tool definitions (e.g., inspect_ui). The issue impacts...

9.8CVSS7.1AI score0.0227EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/09/25 1:41 p.m.11 views

CVE-2025-59834 Command Injection in adb-mcp MCP Server

ADB MCP Server is a MCP Model Context Protocol server for interacting with Android devices through ADB. In versions 0.1.0 and prior, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementatio...

9.8CVSS0.0227EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/09/24 6:59 p.m.10 views

Command Injection in adb-mcp MCP Server

Command Injection in adb-mcp MCP Server The MCP Server at https://github.com/srmorete/adb-mcp is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server is also published publicly to npm at...

9.8CVSS8.3AI score0.0227EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder