CVE-2026-30625 | Upsonic 0.71.6 MCP os command injection

Inserito da Angelo Barbosa | Apr 15, 2026 | CVE

A vulnerability, which was classified as critical, was found in Upsonic 0.71.6. Affected is an unknown function of the component MCP Handler. Executing a manipulation can lead to os command injection.

This vulnerability is registered as CVE-2026-30625. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.

CVE-2026-30625 | Upsonic 0.71.6 MCP os command injection

Post correlati

CVE-2025-32875 | COROS App up to 3.8.12 on Android Bluetooth Pairing cleartext transmission

CVE-2024-42061 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 URL dynamic_script.cgi cross site scripting

CVE-2024-28441 | magicflue up to 7.0 mail/mailupdate.jsp messageid unrestricted upload

CVE-2024-50411 | Kevon Adonis WP Abstracts Plugin up to 2.7.1 on WordPress cross site scripting