CVE-2026-7593 | Sunwood-ai-labs command-executor-mcp-server up to 0.1.0 MCP Interface src/index.ts execute_command os command injection

A vulnerability has been found in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0 and classified as critical. This impacts the function execute_command of the file src/index.ts of the component MCP Interface. The manipulation leads to os command injection.

This vulnerability is referenced as CVE-2026-7593. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More