CNNVD-202510-742 Information
Oct 05, 2025
cve
CNNVD ID
CNNVD-202510-742
Related CVE
- CNNVD Published: 2025-10-05
Description (Chinese)
MCPHub是samanhappy个人开发者的一个MCP服务器管理工具。 MCPHub 0.9.10及之前版本存在安全漏洞,该漏洞源于对文件src/controllers/serverController.ts中参数command/args的错误操作,可能导致os命令注入攻击。
Description (English)
MCPHub is an MCP server management tool for the personal developer of samanhappy. MCPHUb 0.9.10 and previous versions contain a security loophole, which stems from an error in the parameters command/args in document src/controllers/serverController.ts, which could lead to an Os command injection attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-05
Last Modified
2026-02-24
References
https://github.com/August829/YU1/issues/6 https://vuldb.com/?ctiid.327043 https://vuldb.com/?id.327043 https://vuldb.com/?submit.659734
Patch
https://github.com/samanhappy/mcphub/releases
Share on: