CVE-2026-7593 | Sunwood-ai-labs command-executor-mcp-server up to 0.1.0 MCP Interface src/index.ts execute_command os command injection

A vulnerability has been found in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0 and classified as critical. This impacts the function execute_command of the file src/index.ts of the component MCP Interface. The manipulation leads to os command injection.

This vulnerability is referenced as CVE-2026-7593. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-7593 | Sunwood-ai-labs command-executor-mcp-server up to 0.1.0 MCP Interface src/index.ts execute_command os command injection

Post correlati

CVE-2024-36120 | ben-sb javascript-deobfuscator up to 1.0.x code injection

CVE-2025-50594 | Danphe Health Hospital Management System EMR 3.2 Password SecuritySettingsController.cs access control

CVE-2024-5929 | VIPRE Advanced Security PMAgent uncontrolled search path

CVE-2026-25374 | raratheme Spa and Salon Plugin up to 1.3.2 on WordPress authorization