CVE-2025-66401

CRITICAL EPSS 77.9%
Published Dec 1, 20257mo ago · Modified Jun 17, 20261w ago
9.8 CVSS 3.1
Critical
Find Similar
Published Dec 1, 2025 7mo ago
Last Modified Jun 17, 2026 1w ago

Description

MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.

CVSS Details

Base Score
9.8
Exploitability
3.9
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
77.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-78 OS Command Injection Injection

Affected Products 1

VendorProductVersionRange
kapilduraphemcp_watch* ≤0.1.2

References 2

  • github.com https://github.com/kapilduraphe/mcp-watch/commit/e7da78c5b4b960f8b66c254059ad9ebc544a91a6
    Patch
  • github.com https://github.com/kapilduraphe/mcp-watch/security/advisories/GHSA-27m7-ffhq-jqrm
    ExploitVendor Advisory

Remediation

  • github.com https://github.com/kapilduraphe/mcp-watch/commit/e7da78c5b4b960f8b66c254059ad9ebc544a91a6
    Patch