A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
References
Configurations
No configuration.
History
08 Oct 2025, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-10-08 19:15
Updated : 2025-10-08 19:38
NVD link : CVE-2025-11491
Mitre link : CVE-2025-11491
CVE.ORG link : CVE-2025-11491
JSON object : View
Products Affected
No product.