CVE-2026-7443 | BurtTheCoder mcp-dnstwist up to 1.0.4 MCP Interface src/index.ts fuzz_domain Request os command injection

A vulnerability was found in BurtTheCoder mcp-dnstwist up to 1.0.4. It has been declared as critical. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument Request can lead to os command injection.

The identification of this vulnerability is CVE-2026-7443. The attack may be launched remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More