Vulnerabilities

CVE-2025-11491

by Fred · 08/10/2025

A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

More information : https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/217

Similar

Tags: Cybersecurity Alert