CVE-2026-5741 | suvarchal docker-mcp-server up to 0.1.0 HTTP Interface src/index.ts stop_container/remove_container/pull_image os command injection

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in suvarchal docker-mcp-server up to 0.1.0. It has been rated as critical. The impacted element is the function stop_container/remove_container/pull_image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection.

This vulnerability is tracked as CVE-2026-5741. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-5741 | suvarchal docker-mcp-server up to 0.1.0 HTTP Interface src/index.ts stop_container/remove_container/pull_image os command injection

Post correlati

CVE-2025-7760 | Ofisimo Association Web Package Flora up to 03022026 cross site scripting

CVE-2026-1483 | Quatuor Evaluación de Desempeño evaluacion_objetivos_ver_auto.aspx Id_usuario sql injection

CVE-2025-1167 | Mayuri K Employee Management System up to 192.168.70.3 Update_User.php id sql injection

CVE-2024-36547 | idcCMS 1.35 vpsClass_deal.php cross-site request forgery