CNNVD-202601-4192 Information

CNNVD ID

CNNVD-202601-4192

Related CVE

CVE-2026-0757

• CNNVD Published: 2026-01-23

Description (Chinese)

MCP Manager for Claude Desktop是zue个人开发者的一个上下文协议管理软件。 MCP Manager for Claude Desktop存在操作系统命令注入漏洞，该漏洞源于处理MCP配置对象时缺乏对用户提供字符串的验证，可能导致沙箱逃逸和执行任意代码。

Description (English)

MCP Manager for Claude Desktop is a context protocol management software for zue personal developers. MCP Manager for Claude Desktop has a bug in the operating system command, which stems from a lack of string validation for users when handling MCP configuration objects, which may lead to sandbox escape and implementation of any code.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

个人开发者

Published

2026-01-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-26-023/