Lucene search
+L

7 matches found

euvd
euvd
added 2026/04/06 12:30 a.m.3 views

EUVD-2026-19134

A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component newheimapplication/deployheimapplication/deployheimapplicationtocloud. This manipulation causes os command injection. The attack requires local access...

5.3CVSS5.7AI score0.00812EPSS
Exploits0References9
osv
osv
added 2026/04/06 12:30 a.m.2 views

GHSA-WX4P-JR66-JFP9 @nor2/heim-mcp vulnerable to command injection

A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component newheimapplication/deployheimapplication/deployheimapplicationtocloud. This manipulation causes os command injection. The attack requires local access...

5.3CVSS5.7AI score0.00812EPSS
Exploits0References9
attackerkb
attackerkb
added 2026/04/05 10:15 p.m.2 views

CVE-2026-5602

A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component newheimapplication/deployheimapplication/deployheimapplicationtocloud. This manipulation causes os command injection. The attack requires local access...

5.3CVSS5.7AI score0.00812EPSS
Exploits0References8Affected Software1
vulnrichment
vulnrichment
added 2026/04/05 10:15 p.m.1 views

CVE-2026-5602 Nor2-io heim-mcp new_heim_application tools.ts registerTools os command injection

A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component newheimapplication/deployheimapplication/deployheimapplicationtocloud. This manipulation causes os command injection. The attack requires local access...

5.3CVSS5.7AI score0.00812EPSS
Exploits0References8
cve
cve
added 2026/04/05 10:15 p.m.13 views

CVE-2026-5602

Nor2-io heim-mcp up to 0.1.3 is affected in new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud, specifically the registerTools function in src/tools.ts, which enables OS command injection due to the underlying root cause described in the CVE. The vulnerability requires ...

5.3CVSS5.7AI score0.00812EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/04/05 12:0 a.m.9 views

Heim MCP 操作系统命令注入漏洞

Heim MCP is an open-source MCP server developed by NorNor, used for creating, deploying, and managing backend applications. Versions of Heim MCP prior to 0.1.3 contained a vulnerability related to operating system command injection. This vulnerability stemmed from operations on functions in the...

5.3CVSS6AI score0.00812EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/04/05 12:0 a.m.9 views

PT-2026-30512

Name of the Vulnerable Software and Affected Versions Nor2-io heim-mcp versions up to 0.1.3 Description A flaw exists in the registerTools function within the src/tools.ts file of the new heim application/deploy heim application/deploy heim application to cloud component. This can lead to operati...

5.3CVSS5.9AI score0.00812EPSS
Exploits0References12
Rows per page
Query Builder