CVE-2025-8697 | agentUniverse up to 0.0.18 MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injection

Inserito da Angelo Barbosa | Ago 7, 2025 | CVE

A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection.

The identification of this vulnerability is CVE-2025-8697. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8697 | agentUniverse up to 0.0.18 MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injection

Post correlati

CVE-2024-2555 | SourceCodester Employee Task Management System 1.0 update-admin.php admin_id sql injection

CVE-2025-5895 | Metabase 54.10 dom.js parseDataUri redos (ID 57011)

CVE-2024-2635 | Cegid Meta4 HR 819.001.022 Configuration Page redirect

CVE-2024-22277 | VMware Cloud Director Availability up to 4.7.1 cross site scripting