PT-2026-1987 · Unknown · Mcp Manager For Claude Desktop

Brandon Niemczyk

Published

2026-01-09

Updated

2026-01-28

CVE-2026-0757

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MCP Manager for Claude Desktop (affected versions not specified)

Description The software contains a security issue that allows for sandbox escape and arbitrary code execution within the context of the MCP Manager process. This is triggered by manipulated MCP configurations or malicious pages/files. The software is considered high risk in production environments.

Recommendations Disable or remove the software until an official fix is available.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2026-0757

ZDI-26-023

Affected Products

Mcp Manager For Claude Desktop

PT-2026-1987 · Unknown · Mcp Manager For Claude Desktop

CVE-2026-0757

Weakness Enumeration

Related Identifiers

Affected Products

References · 5