CVE-2025-62801 | jlowin fastmcp up to 2.12.x on Windows server_name os command injection (GHSA-rj5c-58rq-j5g5)

A vulnerability classified as critical was found in jlowin fastmcp up to 2.12.x on Windows. The affected element is an unknown function. Executing manipulation of the argument server_name can lead to os command injection.

This vulnerability appears as CVE-2025-62801. The attack requires local access. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More