CVE-2026-10691 | wonderwhy-er DesktopCommanderMCP up to 0.2.38 start_search src/search-manager.ts SearchResult[] redos (Issue 375)

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability marked as problematic has been reported in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start_search. Performing a manipulation of the argument SearchResult[] results in inefficient regular expression complexity.

This vulnerability is cataloged as CVE-2026-10691. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is suggested to upgrade the affected component.

CVE-2026-10691 | wonderwhy-er DesktopCommanderMCP up to 0.2.38 start_search src/search-manager.ts SearchResult[] redos (Issue 375)

Post correlati

CVE-2024-8566 | code-projects Online Shop Store 1.0 /settings.php error cross site scripting

CVE-2025-66052 | Vivotek IP7137 0200a setparam.cgi system_ntpIt os command injection

CVE-2024-32771 | QNAP QTS/QuTS hero/QuTScloud excessive authentication (qsa-24-28)

CVE-2024-53135 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 VMX information disclosure