Lucene search
K

5 matches found

Patchstack
Patchstack
added 2026/05/07 9:45 p.m.8 views

NPM: mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening

NPM: mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening vulnerability discovered by ? in WordPress Npm mcp-ssh-tool versions = 2.1.0...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/07 9:45 p.m.8 views

mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening

Summary mcp-ssh-tool has released version 2.1.1 with security hardening for transfer path authorization and HTTP bearer authentication. The release addresses: - insufficient local path policy enforcement in transfer-related filesystem handling - incomplete canonicalization and segment-boundary...

5.8AI score
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/31 3:27 p.m.4 views

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

6.5CVSS7.2AI score0.01349EPSS
Exploits0References1
OSV
OSV
added 2025/08/29 3:15 p.m.4 views

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

5.3CVSS7.2AI score
Exploits0References5
NVD
NVD
added 2025/08/29 3:15 p.m.5 views

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

6.5CVSS0.01349EPSS
Exploits0References5
Rows per page
Query Builder