CVE-2025-12489 | evernote-mcp-server openBrowser command injection

Inserito da Angelo Barbosa | Ott 31, 2025 | CVE

A vulnerability was found in evernote-mcp-server. It has been rated as critical. This impacts the function openBrowser. This manipulation causes command injection.

This vulnerability is tracked as CVE-2025-12489. The attack is restricted to local execution. No exploit exists.

Applying a patch is the recommended action to fix this issue.

CVE-2025-12489 | evernote-mcp-server openBrowser command injection

Post correlati

CVE-2024-22660 | Totolink A3700R 9.1.2u.6165_20211012 setLanguageCfg stack-based overflow

CVE-2024-44087 | Siemens Automation License Manager up to 5.x/6.2 Upd2 TCP Port 4410 integer overflow (ssa-103653)

CVE-2024-23787 | Sharp Energy Management Controller with Cloud Services up to B0.1.9.1 path traversal

CVE-2024-10128 | Topdata Inner Rep Plus WebServer 2.01 td.js.gz risky encryption