CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

PT-2026-1825

Name of the Vulnerable Software and Affected Versions sonirico mcp-shell version 0.3.1 Description A command injection issue exists in the shell exec function. An attacker can execute arbitrary commands by providing a specially crafted command string. The issue affects the shell exec function...

CVE-2025-61489

A command injection vulnerability in the shellexec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string...

CVE-2025-61489

Affects: sonirico mcp-shell v0.3.1. Issue: command injection in the shell_exec function allows an attacker to execute arbitrary commands by supplying a crafted command string. Details across sources confirm the vulnerable component and the root cause as a shell_exec command handling flaw. Impact:...