CVE-2026-7064 | AgentDeskAI browser-tools-mcp up to 1.2.0 browser-connector.ts os command injection (Issue 232)

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability was found in AgentDeskAI browser-tools-mcp up to 1.2.0. It has been declared as critical. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection.

This vulnerability appears as CVE-2026-7064. The attack may be performed from remote. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7064 | AgentDeskAI browser-tools-mcp up to 1.2.0 browser-connector.ts os command injection (Issue 232)

Post correlati

CVE-2023-5714 | System Dashboard Plugin up to 2.8.7 on WordPress sd_db_specs authorization

CVE-2023-42247 | Selesta Visual Access Manager up to 4.42.1 s_monitor_map.php cross site scripting

CVE-2025-5082 | WP Attachments Plugin up to 5.0.12 on WordPress attachment_id cross site scripting

CVE-2024-9189 | EU UK VAT Manager for WooCommerce Plugin up to 2.12.12 on WordPress authorization