PT-2026-1826 · Unknown · Terminal-Controller-Mcp

Published

2026-01-07

Updated

2026-01-09

CVE-2025-61492

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions terminal-controller-mcp version 0.1.7

Description A command injection issue exists in the execute command function of the software. Attackers can execute arbitrary commands by providing a crafted input. The vulnerability can lead to arbitrary code execution. The vulnerable parameter is a crafted input to the execute command function.

Recommendations Implement strict input validation.

Exploit

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2025-61492

GHSA-H4RF-624J-GJ33

Affected Products

Terminal-Controller-Mcp

PT-2026-1826 · Unknown · Terminal-Controller-Mcp

CVE-2025-61492

Weakness Enumeration

Related Identifiers

Affected Products

References · 8