CVE-2026-7038 | tufantunc ssh-mcp up to 1.5.0 Command Line src/index.ts insufficiently protected credentials (Issue 42)

Inserito da Angelo Barbosa | Apr 25, 2026 | CVE

A vulnerability classified as problematic has been found in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipulation causes insufficiently protected credentials.

This vulnerability is tracked as CVE-2026-7038. The attack is restricted to local execution. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7038 | tufantunc ssh-mcp up to 1.5.0 Command Line src/index.ts insufficiently protected credentials (Issue 42)

Post correlati

CVE-2025-39957 | Linux Kernel up to 6.1.153/6.6.107/6.12.48/6.16.8 wifi ieee80211_prep_hw_scan buffer overflow

CVE-2024-39899 | PrivateBin up to 1.7.3 authentication bypass (GHSA-mqqj-fx8h-437j)

CVE-2024-0779 | Enjoy Social Feed Plugin up to 6.2.2 on WordPress cross-site request forgery

CVE-2023-52148 | wp.insider Affiliates Manager Plugin up to 2.9.30 on WordPress information disclosure