15 matches found
CVE-2026-0756
github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw...
Command Injection
Overview @sunwood-ai-labs/github-kanban-mcp-server is an A Model Context Protocol server for managing GitHub issues as Kanban using gh CLI Affected versions of this package are vulnerable to Command Injection via the createissue parameter. An attacker can execute arbitrary code in the context of...
CVE-2026-0756
github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-0756 github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability
github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-0756 github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability
github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-0756
The CVE-2026-0756 issue affects github-kanban-mcp-server and stems from improper validation of the create_issue input before it is used in a system call, allowing an attacker to execute arbitrary code with the service account privileges, with no authentication required. References indicate this i...
PT-2026-1986
Name of the Vulnerable Software and Affected Versions github-kanban-mcp-server affected versions not specified Description A flaw exists in github-kanban-mcp-server that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for exploitation. The iss...
(0Day) github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the createissue parameter. The issue results from the lack of...
CVE-2025-53818
GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...
CVE-2025-53818
GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...
CVE-2025-53818 github-kanban-mcp-server Command Injection vulnerability
GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...
CVE-2025-53818 github-kanban-mcp-server Command Injection vulnerability
GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...
CVE-2025-53818
CVE-2025-53818 affects the GitHub Kanban MCP Server. Version 0.3.0 is vulnerable to a command-injection flaw in the MCP Server’s add_comment tool, which uses Node.js child_process.exec and concatenates user-supplied input with the gh command. This unsafe usage can lead to remote command execution...
GitHub Kanban MCP Server 操作系统命令注入漏洞
GitHub Kanban MCP Server is an application for Maki Personal Developers. An operating system command injection vulnerability exists in GitHub Kanban MCP Server version 0.4.0, which stems from a command injection in the addcomment tool...
PT-2025-29513 · Unknown · Github-Kanban-Mcp-Server
Name of the Vulnerable Software and Affected Versions: GitHub Kanban MCP Server versions 0.3.0 through 0.4.0 Description: GitHub Kanban MCP Server is a Model Context Protocol MCP server designed for managing GitHub issues in Kanban board format and streamlining LLM task management. The server’s a...