6 matches found
CVE-2026-0758
mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the...
Command Injection
Overview mcp-server-siri-shortcuts is a MCP server that provides access to Siri shortcuts Affected versions of this package are vulnerable to Command Injection via the shortcutName parameter. An attacker can execute arbitrary code with elevated privileges by supplying crafted input that is used i...
CVE-2026-0758
mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the...
CVE-2026-0758
Summary of CVE-2026-0758 (mcp-server-siri-shortcuts) : A local privilege-escalation command-injection flaw in the shortcutName parameter of mcp-server-siri-shortcuts. The issue arises from insufficient validation of a user-supplied string before it is used in a system call, allowing a low-privile...
Siri Shortcuts MCP Server: Operating System Command Injection Vulnerability
Siri Shortcuts MCP Server is a tool developed by David as an integrated voice assistant and a context-based protocol server for large models. The Siri Shortcuts MCP Server has a vulnerability related to operating system command injection, which stems from insufficient validation of the shortcutNa...
(0Day) mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...