Vulnerabilities

CVE-2025-6514

by Fred · 09/07/2025

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL

Assigner : security@jfrog.com

More information : https://github.com/geelen/mcp-remote/commit/607b226a356cb61a239ffaba2fb3db1c9dea4bac

Similar

Tags: Cybersecurity Alert