CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sonirico: >> Mcp-Shell >> 0.3.1 Security Vulnerabilities

CVE-2025-61489

A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string.

CVSS Score

6.5

EPSS Score

0.111

Published

2026-01-07

Page 1

Vulnerabilities

Vulnerable Software

Sonirico: >> Mcp-Shell >> 0.3.1 Security Vulnerabilities

Products

Pricing

Contact Us