Lucene search
K

5 matches found

OSV
OSV
added 2026/04/06 12:30 a.m.11 views

GHSA-XQV9-QR76-HFQ2 @elgentos/magento2-dev-mcp vulnerable to command injection

A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly available and might be...

5.3CVSS5.6AI score0.00812EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/04/06 12:30 a.m.5 views

@elgentos/magento2-dev-mcp vulnerable to command injection

A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly available and might be...

5.3CVSS5.4AI score0.00812EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2026/04/05 10:30 p.m.30 views

CVE-2026-5603 elgentos magento2-dev-mcp index.ts executeMagerun2Command os command injection

A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly available and might be...

5.3CVSS0.00812EPSS
Exploits0References8
CVE
CVE
added 2026/04/05 10:30 p.m.17 views

CVE-2026-5603

Summary (CVE-2026-5603) : A vulnerability in elgentos magento2-dev-mcp (up to 1.0.2) affects the function executeMagerun2Command in the file src/index.ts , enabling a local OS command injection . The issue is exploitable locally with a publicly available exploit. The patch identifier is aa1ffcc0a...

5.3CVSS5.6AI score0.00812EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30513

Name of the Vulnerable Software and Affected Versions elgentos magento2-dev-mcp versions up to 1.0.2 Description A flaw exists in elgentos magento2-dev-mcp up to version 1.0.2 due to a command injection issue within the executeMagerun2Command function located in the src/index.ts file. This...

5.3CVSS5.9AI score0.00812EPSS
Exploits0References14
Rows per page
Query Builder