Security Advisory

CVE-2025-5277

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-28 13:14:26

Last updated 2025-05-28 13:27:50

Assigner snyk

State PUBLISHED

Description

aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system.

← Browse all CVEs View on cve.org ↗