CVE-2025-11491 | wonderwhy-er DesktopCommanderMCP up to 0.2.13 src/command-manager.ts CommandManager os command injection (Issue 217)

A vulnerability identified as critical has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection.

This vulnerability is cataloged as CVE-2025-11491. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More