CVE-2025-9262
The CVE-2025-9262 case concerns wong2 mcp-cli v1.13.0, where the redirectToAuthorization function in /src/oauth/provider.js within the oAuth Handler enables OS command injection. The vulnerability allows remote initiation, with high attack complexity and an exploit published and potentially usabl...