Security Advisory

CVE-2025-11491

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-08 19:02:05

Last updated 2025-10-23 04:25:49

Assigner VulDB

State PUBLISHED

Description

A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

← Browse all CVEs View on cve.org ↗