Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview mcp-nmap-server is a MCP server for performing network scanning using NMAP Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the childprocess.exec function in the Nmap CLI Command...

CVE-2026-3484

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function childprocess.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

MCP NMAP Server 命令注入漏洞

MCP NMAP Server is a large model context server developed by Phiality’s individual developers. The MCP NMAP Server has a command injection vulnerability, which stems from the command childprocess.exec in the nmap CLI Command Handler component’s src/index.ts file...

PT-2026-22811

Name of the Vulnerable Software and Affected Versions PhialsBasement nmap-mcp-server versions up to bee6d23547d57ae02460022f7c78ac0893092e38 Description A command injection issue exists in the child process.exec function within the Nmap CLI Command Handler component, located in the src/index.ts...