PT-2025-48575 · Mcp Watch · Mcp-Watch

Published: 2025-12-01 · Updated: 2026-02-06 · CVE-2025-66401

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: MCP Watch versions 0.1.2 and earlier
Description: MCP Watch, a security scanner for Model Context Protocol (MCP) servers, contains a Command Injection issue in the cloneRepo method of the MCPScanner class. The application directly passes the githubUrl argument, supplied by a user, to a system shell using execSync without proper sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.
Recommendations: Versions prior to 0.1.2 are vulnerable.

Tags: Exploit · Fix · RCE · OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2025-66401
GHSA-27M7-FFHQ-JQRM

Affected Products

Mcp-Watch