A vulnerability classified as critical has been found in wonderwhy-er DesktopCommanderMCP up to version 0.2.13. The affected code is the function extractBaseCommand in the file src/command-manager.ts of the component Absolute Path Handler. Invoking a restricted command through an absolute path rather than its bare name bypasses the command restriction; the result is classified as OS command injection.
This vulnerability is tracked as CVE-2025-11490. The attack can be carried out remotely. An exploit is available.
The vendor explains: “The usual use case is that AI is asked to do something, picks commands itself, and typically uses simple command names without absolute paths. It’s curious why a user would ask the model to bypass restrictions this way. (…) This could potentially be a problem, but we are yet to hear reports of this being an issue in actual workflows. We’ll leave this issue open for situations where people may report this as a problem for the long term.”
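The absolute-path bypass described above, modelled as an added TypeScript example. This is illustrative code written for this page, not DesktopCommanderMCP's own src/command-manager.ts: the denylist contents, the helper names extractBaseCommandNaive, extractBaseCommandHardened, isBlocked and compare, and the sample commands are all assumptions of the example. It shows why a restriction keyed on the literal first token of a command misses /bin/rm, and one normalization that closes that particular gap.

```typescript
import { basename } from "node:path";

// Constructed denylist for this example; it is not the project's list.
const BLOCKED_COMMANDS: ReadonlySet<string> = new Set([
  "rm", "dd", "mkfs", "shutdown", "reboot",
]);

type Extractor = (command: string) => string;

// Naive extraction (assumed shape of the weak check): the first
// whitespace-delimited token, taken literally. "/bin/rm -rf /tmp/x"
// yields "/bin/rm", which is not in the denylist, so the check passes.
function extractBaseCommandNaive(command: string): string {
  const tokens = command.trim().split(/\s+/);
  return tokens[0] ?? "";
}

// Hardened extraction: remove shell quoting around the first token and
// strip directory components, so "/bin/rm", "./rm", "/usr/bin/../bin/rm"
// and '"/bin/rm"' all normalize to "rm" before the denylist is consulted.
function extractBaseCommandHardened(command: string): string {
  const first = extractBaseCommandNaive(command);
  const unquoted = first.replace(/^["']+|["']+$/g, "");
  return basename(unquoted);
}

// The restriction check itself: blocked if the extracted base command is listed.
function isBlocked(command: string, extract: Extractor): boolean {
  return BLOCKED_COMMANDS.has(extract(command));
}

// Side-by-side result of both checks over a list of commands.
function compare(
  commands: readonly string[],
): Array<{ command: string; naive: boolean; hardened: boolean }> {
  return commands.map((command) => ({
    command,
    naive: isBlocked(command, extractBaseCommandNaive),
    hardened: isBlocked(command, extractBaseCommandHardened),
  }));
}

// Constructed sample inputs for the demonstration.
const SAMPLE_COMMANDS: readonly string[] = [
  "rm -rf /tmp/scratch",                  // bare name: both checks block it
  "/bin/rm -rf /tmp/scratch",             // absolute path: naive check misses it
  "./rm -rf /tmp/scratch",                // relative path: naive check misses it
  "/usr/bin/../bin/rm -rf /tmp/scratch",  // traversal inside the path
  "sh -c 'rm -rf /tmp/scratch'",          // shell wrapper: neither check catches it
];

for (const row of compare(SAMPLE_COMMANDS)) {
  const naive = row.naive ? "BLOCKED" : "allowed";
  const hardened = row.hardened ? "BLOCKED" : "allowed";
  console.log(`naive=${naive} hardened=${hardened}  ${row.command}`);
}
```

Run it with a TypeScript runner such as tsx. The hardened variant closes the absolute- and relative-path bypass, but the last sample shows the limit of any denylist keyed on a command name: wrappers such as sh -c, env or xargs, command substitution and shell built-ins still reach the blocked binary. An allowlist of permitted commands, or running no shell at all, is the sturdier control.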