13 matches found
CVE-2026-5741
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
EUVD-2026-19933
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
CVE-2026-5741
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
CVE-2026-5741 suvarchal docker-mcp-server HTTP index.ts pull_image os command injection
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
CVE-2026-5741
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
CVE-2026-5741 suvarchal docker-mcp-server HTTP index.ts pull_image os command injection
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...
CVE-2026-5741
CVE-2026-5741 affects suvarchal/docker-mcp-server up to version 0.1.0. The vulnerability is in src/index.ts functions stop_container, remove_container, and pull_image of the HTTP Interface component, enabling remote command injection. Public exploit exists and could be used for attacks; project h...
PT-2026-31014
A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop container/remove container/pull image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried...
Docker MCP Server 操作系统命令注入漏洞
Docker MCP Server is an MCP protocol server developed by Suvarchal Kumar Cheedela for Docker operations. Versions of Docker MCP Server prior to 0.1.0 have a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on the functions...
GO-2025-4179 Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway
Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway...
EUVD-2025-200985
MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious website or be served a malicious advertiseme...
GHSA-46GC-MWH4-CC5R Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode
Impact When ran in sse or streaming mode --transport, the Docker MCP Gateway is vulnerable to a DNS rebinding attack. Vulnerability allows for Browser-Based exploitation of any MCP servers that are executing within the Docker MCP Gateway. Any tools or other features exposed by MCP servers can be...
Docker MCP Gateway 安全漏洞
Docker MCP Gateway is a gateway service from Docker Inc. in the United States. A security vulnerability exists in Docker MCP Gateway version 0.27.0 and earlier, which stems from vulnerability to DNS rebinding attacks when running in sse or streaming transport mode, and could lead to browser-based...