CVE-2026-7039 | tufantunc ssh-mcp up to 1.5.0 src/index.ts shell.write Description command injection (Issue 44)

Inserito da Angelo Barbosa | Apr 25, 2026 | CVE

A vulnerability classified as critical was found in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection.

This vulnerability is listed as CVE-2026-7039. The attack must be carried out locally. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7039 | tufantunc ssh-mcp up to 1.5.0 src/index.ts shell.write Description command injection (Issue 44)

Post correlati

CVE-2025-5845 | Affiliate Reviews Plugin up to 1.0.6 on WordPress numColumns cross site scripting

CVE-2024-33690 | Jegstudio Financio Plugin up to 1.1.3 on WordPress cross-site request forgery

CVE-2023-42137 | PAX Technology symlink

CVE-2024-42126 | Linux Kernel up to 6.1.97/6.6.38/6.9.8 nmi_enter/nmi_exit allocation of resources