CNNVD-202507-1014 Information
CNNVD ID
CNNVD-202507-1014
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
Node.js Sandbox MCP Server是Alfonso Graziano个人开发者的一个基于Node.js模型的上下文协议服务器。 Node.js Sandbox MCP Server 1.3.0之前版本存在安全漏洞,该漏洞源于命令注入,可能导致远程代码执行。
Description (English)
Node.js Sandbox MCP Server is a context protocol server based on the Node.js model of Alfonso Graziano ’ s personal developer. Node.js Sandbox MCP Server 1.3.0 had a security loophole, which originated from command injections and could lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Live Support
Published
2025-07-08
Last Modified
2026-02-24
References
https://github.com/alfonsograziano/node-code-sandbox-mcp/security/advisories/GHSA-5w57-2ccq-8w95 https://github.com/alfonsograziano/node-code-sandbox-mcp/commit/e461a74ecb189b268daac0d972c467b49b2abdd2 https://access.redhat.com/security/cve/cve-2025-53372
Patch
https://github.com/alfonsograziano/node-code-sandbox-mcp/tags
Share on: