GHSA-27M7-FFHQ-JQRM MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

Summary The MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host...

MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

Summary The MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host...

CVE-2025-66401

MCP Watch is a comprehensive security scanner for Model Context Protocol MCP servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via...

CVE-2025-66401 MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

MCP Watch is a comprehensive security scanner for Model Context Protocol MCP servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via...

CVE-2025-66401 MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

MCP Watch is a comprehensive security scanner for Model Context Protocol MCP servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via...

CVE-2025-66401

MCP Watch vulnerability (CVE-2025-66401) affects MCPWatch

Malicious code in hexdeclink (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4df8ddadb082a2d285b508fc17356d22ef0375649424cc39d9b08a9e32ab6684 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

PT-2025-48575

Name of the Vulnerable Software and Affected Versions MCP Watch versions 0.1.2 and earlier Description MCP Watch, a security scanner for Model Context Protocol MCP servers, contains a Command Injection issue in the cloneRepo method of the MCPScanner class. The application directly passes the...

MAL-2025-191783 Malicious code in logguru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...

Malicious code in logguru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...

MAL-2025-191755 Malicious code in hexcon (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 191af8110082a90345db609c8f23d2313a5be68ec121742172f32cf3a1d5d905 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

Malicious code in jsonschemex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f678f82847db32c68ab5a95a827f755d13b5d4cd371667eb584f25ed28ed01 Malicious clone of a legitimate package with hidden code that downloads the next stage scripts. Analysed payloads had just exfiltrated basic infos --- Category...

MAL-2025-191769 Malicious code in jsonschemex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f678f82847db32c68ab5a95a827f755d13b5d4cd371667eb584f25ed28ed01 Malicious clone of a legitimate package with hidden code that downloads the next stage scripts. Analysed payloads had just exfiltrated basic infos --- Category...

EUVD-2025-198224

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference IDOR vulnerability in the poll duplication endpoint /api/trpc/polls.duplicate allows any authenticated user to duplicate polls they do not own by modifying the pollId parameter...

Malicious code in perfviewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...

MAL-2025-191754 Malicious code in hexadecpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e553647ff67ec6e0339b5de8038f9522494a1200e0437156eee7674d5a29ef21 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

Automated Side-Channel Analysis of Cryptographic Protocol Implementations

We extract the first formal model of WhatsApp from its implementation by combining binary-level analysis via CryptoBap with reverse engineering via Ghidra to handle this large closed-source application. Using this model, we prove forward secrecy, identify a known clone-attack against...

MAL-2025-191841 Malicious code in python-rootpath (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb867560d676e7b79ce110b230906a9630feb223cbcb6072bff5a2636c60a3c7 Hidden code downloads, saves and import a remote script. The package itself is a clone of a legitimate "rootpath". At the time of analysis, the remote script d...

MAL-2025-153426 Malicious code in avminh-afinagoofssa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9faaac946091f5cf10be380f3dc0d47b7041ae42da4938e97f25f0b64d67460 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124907

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...